There’s new information about the personal data of NFL players that was put at risk.
The Washington Redskins confirmed to NFL Media on Wednesday that confidential player data was put at risk for compromise after a laptop computer belonging to a Redskins athletic trainer was stolen in April. Here’s the press release: http://www.nfl.com/news/story/0ap3000000666134/article/redskins-laptop-containing-player-data-was-stolen
The laptop was password-protected, but unencrypted.
“What happened to the Washington Redskins was a total fumble on computer security,” said Ebba Blitz, CEO of Alertsec, an encryption as a service company. “While we should be surprised that the laptop was not encrypted, our research shows most companies do not ensure their laptops are encrypted until a breach like this takes place. Ultimately this security fumble proves why everyone needs encryption.”
Ebba Blitz is the former host of Sweden’s Shark Tank.
Ebba pointed out that the password protected laptop likely created a false sense of security. “According to our own research businesses overwhelmingly fear that standard security precautions create a false sense of security for laptop and mobile users.”
For example, more than two-thirds of executives (68%) believe auto-saved passwords are not secure. Nearly half (48%) of SMB executives believe never logging out of user profiles decreases security, followed by having 4-6 digital passcodes (45%). Over one in five SMB executives (23%) believe lock down (when functionality of the system is restricted) is not secure, while 16% believe that lock ups (when multiple password attempts failed, causing restrictions) are also insecure. You can see the research here: https://www.alertsec.com/alertsec-smb-2015-encryption-study-beware-of-the-false-sense-of-security/
Ebba added this incident shows why encryption as a service is so valuable: “Obviously the NFL has the resources to afford whatever encryption offering money can buy – but for whatever reason that did not happen. For those who want a cost-efficient solution and do not want to allocate resources to an IT department to manage encryption, we recommend encryption as a service.”
Alertsec SMB 2015 Encryption Study: Beware of the False Sense of Security
Study also determined whose computer respondents would hack: Trump’s or Clinton’s?
PALO ALTO, Calif., November 12, 2015 –Alertsec, the cloud-based encryption company, today released the findings of its Alertsec SMB 2015 Encryption Study. The Alertsec SMB 2015 Encryption Study, fielded among 1,255 small-to-medium business (SMB) executives, revealed that businesses overwhelmingly fear that standard security precautions create a false sense of security for laptop and mobile users. For example, more than two-thirds of executives (68%) believe auto-saved passwords are not secure. Nearly half (48%) of SMB executives believe never logging out of user profiles decreases security, followed by having 4-6 digital passcodes (45%). Over one in five SMB executives (23%) believe lock down (when functionality of the system is restricted) is not secure, while 16% believe that lock ups (when multiple password attempts failed, causing restrictions) are also insecure.
“The real problem is the false sense of security these ‘security precautions’ create,” said Ebba Blitz, President of Alertsec. “Computer manufacturers and software vendors offer a variety of built-in solutions that seem to protect you, but they are no match for the run-of-the-mill cybercriminal. That’s why encryption is so important. Losing data could cause a problem of catastrophic proportions for any individual and any company.”
An overwhelming majority of SMB executives (87%) admitted they feared data breaches. When pressed further, they listed their concerns:
- 40% of respondents said they fear leaving their laptop in the car and consequently having their identity stolen
- 37% fear having their laptop stolen while working at a coffee shop
- 30% fear burglars breaking into their homes and obtaining online banking information
- 27% fear having their laptop stolen at airport security and having their Dropbox and photo files breached
Most SMBs executives (68%) say the problems they have seen at work have made them encrypt their personal computers as well. Respondents said they encrypt because they fear their financial files will be compromised (39%), because data breaches are both very damaging (35%) and very common (29%), and because once you encrypt your work computer, you have to encrypt everything (16%). Only 3% said they encrypt their PC because they fear the government is snooping into their files.
An overwhelming majority (90%) said work computers should be encrypted, followed by smartphones (61%), personal computers (58%) and tablets (55%). Only 23% felt cars should be encrypted, but this number will likely rise in the near future with the release of smart, self-driving cars. One-third (32%) of those polled do not encrypt their personal computer.
An overwhelming majority, 97%, see encryption as a service is a necessary tool. Nearly half (48%) said that job requirements had prompted them to seek encryption as a service, while 16% said it was HIPAA compliance, and another 10% said SOX compliance. A minority said they sought encryption as a service after having had their computers stolen (6%) or after someone they knew had information stolen from their computer (6%).
Another 3% of respondents said they sought encryption services after someone they knew had been fined for data breach.
Encryption is indispensable
When asked what benefits of encryption as a service make it indispensable to SMBs and small business owners, 75% of respondents say that encryption gives them a peace of mind. Over 60% of respondents like having a 24/7 help desk support, and more than 50% revealed that having everything on their disk encrypted, including the operating system and free space, is important to them. Some 32% said the benefit was no need for IT staff, no need for software, and no impact on the encrypted computer. In addition, 29% said payment as you go was the major benefit; 25% said the benefit is no need for training; and 23% said it was because it eliminated the need to invest in multiple products.
However, when the pendulum swings…
A minority of respondents were able to put concerns for their own personal information aside and pretend that they were on the other side of a security breach. When asked whose computer files they would most like to view in such an event, 13% said they would like to see President Obama’s computer files, and 6% said Hillary Clinton, Donald Trump and Mark Zuckerberg.
A virtuous majority (61%) said they wouldn’t want to see anyone’s private computer files.
Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops. No server, IT knowledge or training is needed, as everything is included in the subscription. Alertsec also provides HIPAA, PCI and SOX requirements compliance support. The implemented encryption has the highest security certifications – FIPS & Common Criteria.