Approximately 60% of all computers sold today are portable computers. An old truism of computer security is that if an attacker has physical access to a computer, that attacker has access to all the data on that computer. This truism, combined with the prevalence of portable computers in organizational environments, makes life more challenging for today’s IT security professional. Fifteen years ago, it was unusual for someone to take his or her work computer out of the office in the evening. Today many workers expect to have to take their computer with them when they leave for the day.
The problem this poses for IT security professionals is that laptop computers are more easily lost or stolen than desktop computers. Laptop computers can contain tens of gigabytes of organizational data. Tens of gigabytes that may end up in the hands of an unauthorized third party if that laptop computer is left at an airport security checkpoint or is stolen from a bag while the worker is commuting on public transport.
A recent survey by the Ponemon institute found that roughly 5000 laptop computers are left at US airport security screening checkpoints each week. Two thirds of these laptop computers are never recovered and are sold by the airports at auction. Another study of small to medium sized enterprises found that, on average, a portable computer was lost from a SME every four months. The average cost to the organization of one of these lost computers was $50,000 USD. The main cost to the organization is not replacing the hardware or the lost productivity, but the cost of working out what data may have been lost and the effect that may have if that data was recovered by a competing organization.
The primary reason you want to use BitLocker and BitLocker to go on the computers in your organization is to minimize the chance that useful data can be recovered from lost storage devices by a third party. Minimizing the recoverability of data so that only authorized persons can...More