Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 7. He Who Steals My Purse ... > Countermeasure: Policy

Countermeasure: Policy

Weeks after the laptop theft, the Veterans’ Administration issued a recall to all its employees and contractors, ordering them to turn in all laptops, but according to a news article [RAS06], the purpose of the recall was to “ensure that all employees were meeting security policy requirements, such as having the correct software installed on their laptops.” The VA’s inspector general investigated the incident and sharply criticized the department for lax security procedures, including not enforcing security policies and failing to report the theft to department senior management. The analyst who took the laptop home was fired.

Interestingly, the “policy” to which the VA referred in its recall was to ensure that the “correct software” was installed on laptops. It is hard to understand how software is going to counteract theft of a physical device (although encryption software, to be described later in this chapter, could significantly help prevent loss of data confidentiality). Shortly after this theft and other slightly less egregious ones, the U.S. government required software protection for all data on laptop computers. But, as Sidebar 7-2 indicates, organizations have to create security policies that achieve the desired effect.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint