Comment Missing the point (Score 1) 376
Pretty much all the responses so far completely miss the point.
I work for a large financial institution - one of the biggest. Plenty of folks here have sensitive client information on their laptops, which they take with them on business trips to see clients, technology partners etc. We have some extremely large clients (all the major banks, US and worldwide) and the client information could include contacts, details of trading, holdings in various stocks, etc. This information can be worth millions of dollars, and the company could be fined similar amounts if it was stolen from their possession.
Most of the employees/managers/sales guys etc that go on business trips are not particularly technically savvy. All they know is that they have their laptop, and it is encrypted, and they have been told that their laptop is safe because the evil h4xx0rz can't decrypt the 124-byte RSM keylock. This will give them a false sense of security, and they will leave their laptop in their hotel room, safe in the knowledge that it has a kingston lock on it and no-one can walk off with it.
The data on some of these machines is valuable enough that people certainly would think about trying to get their hands on it.
This needs to be a wakeup call to the big banks that they need to educate their staff - simply telling them "your laptop is encrypted, you are safe" is not good enough. They need to keep the machine with them at all times.
All the talk of "boot from liveCD" or BIOS passwords, or hidden TrueCrypt volumes, simply is not feasible on a large corporate scale, and is certainly above your average client portfolio manager.