Is that laptop worth $7 million?

One of the key examples I use when talking about the importance of data encryption is the value of the data that could potentially be exposed. Is a $900 laptop worth the $1 million or more of liability potential if it’s unencrypted and lost or stolen? It turns out I was wrong – the average settlement is much higher, and that’s a good thing.

There’s a great article over at SC Magazine online that talks about the increase in lawsuits over data breaches. There’s an opportunity for lawyers to capitalize here and they’re making the most of it trying to set legal precedent in the U.S. as more and more data breaches occur.

Typically what we hear about when a data breach occurs is the mea culpa of the company followed by what they’re going to do to address the risk to customers. This usually involves paying for one to three years of identity theft protection for those affected. However, this is usually only done by companies being proactive. Many others try to avoid the issue altogether and pretend it didn’t happen. That’s starting to bite them in the behind.

While lawsuits have historically been unsuccessful there’s more precedent being set and organizations that don’t protect their data need to pay attention:

“About a year ago, the 11th U.S. Circuit Court of Appeals in Atlanta, in a 2-to-1 decision (PDF), sided in an unprecedented fashion with claimants’ allegations of unjust enrichment in a breach involving Florida health insurer AvMed, from which two unencrypted laptops, containing the personal information of 1.2 million customers, were stolen. Among its decisions, the court held that the premiums AvMed members pay to the company includes an expectation for the protection of personal information.”

As I mentioned, companies that are more proactive in nature when dealing with the aftermath of a data breach tend to face less backlash by being open, honest and transparent while offering to help potential victims.

Those that don’t – and this is the stat that really sticks out here – tend to enter litigation and more often than not settle to ‘sweep the matter under the rug.’ The cost of that cleanup according to the article can be as much as $7 million.

That’s right, the loss of that simple, unencrypted piece of $900 hardware could cost a company up to $7 million. Adding a piece of encryption software could prevent a $7 million liability.

So the question is if you’re not encrypting your data today, what’s stopping you?

Previous Post
Travelling is always a Security education
Next Post
UEFI Summerfest 2013

Related Posts

Hidden Benefits of Encryption for Legal Services

Lately we have noticed a growing interest for encryption and data security in the legal services industry. Legal services face a similar challenge as other verticals with the need to protect corporate assets being shared through multiple devices and portals.…
Read more

SecureDoc 6.2 is here!

As we teased last week, we have been gearing for a launch today and that launch is SecureDoc 6.2. Now, it may not seem like a significant step from 6.1 to 6.2, but it’s more than just what’s in the…
Read more

It’s not as hard as you might think

I was reading an article from ITWorld this week that touched on the recent data breach at the South Carolina Department of Revenue. While I find this type of thing fascinating, I also find it scary when someone says something…

Pre-Boot Network Authentication

Being an IT administrator can be very challanging, with many responsibilities ranging from making sure every employee has the proper working tools required to do their jobs to keeping corporate data safe. Some of the simplest tasks faced by IT…
Read more

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Menu