Do You Own a $245,000 Laptop?

ANI Direct

If your laptop contains private or sensitive information such as social security numbers, banking records, personal financial information, employee records and personal healthcare information, it may be worth much more than you thought. Laptop theft is on the rise – up by 81%, according to the Ponemon Institute’s 2007 study The Cost of Data Breach. Thieves aren’t after your equipment. They want the sensitive information on it. They’re after personal financial information, employee records and patient information files.

Why It’s So Expensive

Privacy laws require you to report lost laptops and mobile devices to officials. You’re also required to notify every person whose personal information was – or could have been – compromised.

The Ponemon study says that more than half of all identity theft data comes from a lost or stolen laptop. When two Federal Trade Commission attorneys had their laptops stolen, the FTC began free credit reporting to everyone whose information was exposed at its own cost.

The Ponemon Institute states that notifying and rectifying costs $197 per record. Mount St. Mary’s Hospital in New York lost 17,000 patient records at a cost of a little more than $3 million. Hewlitt-Packard lost 196,000 employee records – that’s $38.6 million from one laptop. The cost of one lost or stolen laptop starts at $245,000.

If it can happen to Hewlitt-Packard and the FTC, it can happen to you. It’s ironic that the things that make business data so vulnerable – powerful productivity applications and mobility – are the very things that CIOs recognize as crucial to business success. Today, employees have access to more data, more often, than ever before. And they use it to stay competitive. However, according to the recent Yankee Group Report, “Zen and the Art of Rogue Employee Management,” enterprise IT is facing a potentially hazardous mix of secured and unsecured applications in the enterprise as consumer products such as instant messaging and personal computing devices gain popularity and escape oversight by IT.

A Better Way to Pay

In this environment, traditional approaches to security are both costly and ineffective. The challenge: How to keep employees productive and creative – able to access data when and where they want it – while still maintaining and even strengthening security.

A user of the PGP® Encryption Platform, American National Insurance Company (ANICO) faces this challenge each day. “As an insurance company, we promise our customers that we’ll keep their information private. We need to make sure we keep this vow because otherwise, we risk losing the customer’s trust,” say Ken Juneau, AVP, Director of Distributed Systems.

Encryption answers the challenge of balancing productivity and security. Although encryption of one kind or another has been a part of information technology practices for a long time, it is just now entering mainstream usage. Compelled to meet industry and government regulations and the expectations of customers and partners, businesses of all kinds now find that only encryption offers the security wherever data goes. That capability is why the core of any information security strategy is the protection of data with seamless, transparent, and automatic encryption, applied immediately, wherever and whenever needed.

“Today, security is an integral part of the basic IT infrastructure,” says Thomas Goschütz, CTO Corporate Center, at global media company Bertelsmann. His company has made security an integral part of its business strategy and focuses on protecting data to reduce enterprise risk.

“From an enterprise perspective, the protection of the information itself has become important,” says Goschütz.

With data security built in, IT can continually develop new, more proactive, redundant means of protecting data for particular applications. As new security risks and threats develop, the inherent protection of data encryption reduces the need to rush to implement a patchwork of inefficient fixes.

Both end users and administrators become more productive, because data remains accessible and built-in security thwarts new threats. Most importantly, whole disk encryption marries policy and protection, improving the possibility of achieving comprehensive audit and regulatory compliance.

The Encryption Solution

Why encrypt? Data is vulnerable when traditional access barriers fail, either through an insider or an outside party. PGP® Whole Disk Encryption locks down the entire contents of a laptop, desktop, external drive, or USB flash drive, including boot sectors, system, and swap files. The encryption is transparent to the user, automatically protecting data.

PGP Whole Disk Encryption is a PGP Encryption Platform–enabled application. The PGP Encryption Platform provides a strategic enterprise encryption framework for shared user management, policy, and provisioning, automated across multiple, integrated encryption applications. As a PGP Encryption Platform–enabled application, PGP Whole Disk Encryption can be used with PGP Universal Server™ to manage existing policies, users, keys, and configurations, expediting deployment and policy enforcement. PGP Whole Disk Encryption can also be used in combination with other PGP encryption applications to provide multiple layers of security.

Once PGP Whole Disk Encryption is deployed, its operation is completely transparent – users simply continue to work as usual. The software automatically encrypts and decrypts data on-the-fly, ensuring data protection without requiring changes in users’ behavior.

Used together, PGP Whole Disk Encryption and PGP Universal Server’s unified management console establish, enforce, and update security policy in real time. This combination reduces the time and effort required to deploy full disk encryption.

With PGP Whole Disk Encryption, no special training is required for end users. This approach accelerates deployment time, reduces training costs, and avoids any increase in help desk calls.

PGP Whole Disk Encryption can be centrally deployed and managed when used with PGP Universal Server (optional), enabling organizations to easily set and enforce data security polices throughout the enterprise.

Using a Partner You Can Trust

ANI Direct is one of a few selected “Gold” Partners in PGP’s world-class Global Partner Program. ANI Direct’s PGP-certified security solution specialists have deep experience installing, deploying, and supporting DLP solutions. ANI Direct specializes in data protection, data loss prevention, encryption, and compliance security initiatives for financial, health care, insurance, and commercial companies nationwide. They offer comprehensive security audits without lengthy contracts or disruption to business. ANI professional services team help clients integrate this industry-leading encryption solution with existing firewall, intrusion prevention, anti-spyware, identity and access controls, and data encryption products. With full access to the PGP encryption solution set, they customize every installation to ensure the most effective information security to neutralize data loss.

ANI Direct understands that many customers have greater security needs than their budget allows and also offers flexible payment options for organizations that would like to pay for what they need over time.

ANI Direct's team of product specialists, certified engineers, and phone support technicians also provide preferred volume license pricing. ANI Direct is the first PGP partner to offer a managed PGP Universal server and whole disk solution for clients requiring quick implementation, secure management, and help desk support for both short- and long-term needs.