Another entry for the Identity Theft and Data Loss file...

We saw the following story about a potentially major personal data breach affecting Google employees and thought it was worth passing on.

As Valleywag and eWEEK originally reported on July 2nd, that Google employees hired before Dec. 31, 2005, received notices that their personal data, including Social Security numbers and birth dates had been compromised by a break-in at Colt Express Outsourcing Services, a payroll and human resources outsourcing company.

The Valleywag report says the break-in occurred at Colt Express on May 26 and Google informed employees on June 9 about the breach. As a result, employees are getting a free year of identity theft protection.

Google employees looking to get an explanation from Colt Express will find the company's Web site is no help. The site only reports that the "home page will be reconstructed."

The likely reason for the Colt Express site being down is that Ceridian, the giant payroll processing and human resources company that serves more than 25 million employees, announced in early February 2008 that it had acquired "certain assets" from Colt Express. Ceridian's benefits services division is now providing services to Colt's clients.

This latest case demonstrates again that poor physical security is a more prevalent cause of data breaches than remote hacking attacks. Most of the biggest data breaches reported over the past couple of years have resulted from laptop computers being lost or stolen.

This means that the solution to these problems is a combination of improved physical security at business offices of all kinds to make it harder to steal computers and new data protection services that attempt to erase or block access to storage disks after computers have been stolen.

On June 30, Dell started offering a set of services for its business computers that not only try to track missing or stolen laptops, but also attempt to remotely erase sensitive corporate data from a hard disk drive.

Such services are likely to become more prevalent as corporate IT managers learn that they haven't truly secured employee and customer data until they implement some kind of effective system that tries to block access to data contained on the hard disks of lost and stolen computers.

According to Vallywag, employees of CNET Networks were also affected by this security breach.

CMS Products offers a suite of data security solutions, including the ABS Secure Encrypted Backup solution for laptops and CE Secure encryption software, technology that could have offered much greater data protection for the employees of Google and CNET Networks.

10 Ways Your Employees Pose a Security Risk for Your Organization

eWEEK.com posted an interesting article summarizing the top business security risks on their web site. We summarize here:

1. USB Drives - Unprotected USB drives are a prime way of letting sensitive company data walk out the door. Short of blocking USB flash drives altogether, companies can use device management software to monitor the ways the drives are being used.

2. Laptops - Employees are taking laptops everywhere, especially as they get lighter, making them more vulnerable to loss or theft. But even taking them to the safety of employees' own living rooms doesn’t protect these devices from infection through improperly secured home networks, exposing enterprise networks to viruses and other malware.

3. P2P - Applications such as Skype and instant messaging create security holes that can let Trojans and other spyware onto your network, particularly if employees are allowed to share those infected files.

4. Employees sending sensitive work files to their unaudited personal Web addresses are vulnerable to having their accounts hacked and critical company data stolen because, in theory, Web mail doesn’t have the same security as your enterprise e-mail.

5. WiFi - Logging onto unsecured wireless networks at home, the local Starbucks or on the road leaves data at risk unless employees are careful to log onto networks through a VPN or take other security measures.

6. Smart Phones - Allowing employees to bring nonstandard-issue smart phones and PDAs into the workplace means they’re storing highly portable and sensitive data on equipment that they can take home with them if they leave the company, leaving you with little or no security recourse.

7. Collaboration Tools and Hosted Software - Collaboration tools such as SharePoint, wikis and even e-mail distribution systems are great in theory but security risks in practice, unless administrators actively monitor the distribution and usage of user names and passwords. Not taking these security measures leaves the systems open to people who should not have access.

8. Social Networks - Facebook and MySpace in particular are unsecured and invite employees to share critical information while wasting time, while add-on applications available through those sites could hide malware and spyware, posing additional security threats.

9. Unauthorized Software Updates - Allowing employees to download patches or upgrades before your networks are ready can render user PCs and the network itself vulnerable to hacks and other security attacks.

10. Virtual Networks - Avatars posing as colleagues or "friends with benefits" could actually be competitors hoping for a chance to steal corporate data, passwords or other access vectors to sensitive information.

Secure Encrypted Backup Solutions by CMS

A quick video demo for our ABS Secure encrypted backup solutions.

Tips on how to recover files

We thought this was quite a useful instructional on various methods to recover files.

Redundant Backup Solutions by CMS

We have put together a quick video to demonstrate the CMS Velocity2 Series Redundant Backup Solutions.

ABSplus Demo - Disaster Recovery via Drive Swap

This video demo shows how fast and easy it is to recover from a hard drive disaster by swapping the drive in your laptop using your CMS ABSplus backup system. You can use this method for both Laptop or Desktop backup systems. You can also recover using the CMS bootable Rescue CD, however, using the Rescue CD can take several hours. This demo is intended to show the faster method of drive swap.

More information on CMS ABSplus automatic backup systems can be found on our web site at:

http://www.cmsproducts.com

Upgrading Hard Drive with CMS EasyBundle

Here is a video demo which shows hot to upgrade your laptop hard drive using a CMS EasyBundle hard drive upgrade kit.

More how-to videos can be found on our You Tube Channel.

Backing Up Laptop - How To

Here is a quick video demo of how to backup your laptop using a CMS ABSplus automatic backup system.

More how-to's can be found on our You Tube Channel.