Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Survivor's Guide to 2007: Business Strategy: Page 8 of 9

Laptops and removable media are key sources of data loss, as evidenced by the May 2006 theft of a laptop and hard drive containing 26.5 million records of U.S. military veterans. Enterprises can deploy encryption software to secure specific files or even the entire hard disk. Companies such as PGP, PointSec and SafeBoot provide encryption capabilities to ensure that lost or stolen laptops or thumb drives don't lead to information exposure.

On the downside, as we found in our recent review (see "Lock Down Loose Cannons" ), these solutions can be expensive to deploy to a large number of users, and they come with all the usual helpdesk headaches, such as password resets. They also address a very narrow segment of the privacy protection puzzle.

In addition to finding technological solutions, enterprises must assess their business processes to understand where the greatest risks for data exposure and loss exist. Once again, ChoicePoint serves as an excellent case study--identity thieves set up a fake business to pose as legitimate customers, and ChoicePoint simply sold them the records. Thus, the breach was a failure of the company's business processes, not an attack or a disgruntled insider.

In addition to reviewing business processes, companies must also understand where the protection strategies they employ will (and won't) meet regulatory or industry requirements. Without these steps, 2007 will look a lot like 2006.

Technology Editor Andrew Conry-Murray can be reached at [email protected]/a>.