Move the Data.

No link. Just a simple suggestion. The number of stories of mainframe storage being compromised to steal identity data are very few, but it seems we’re hitting a once a month story of a laptop that got lapnapped. Thousands, millions of peoples’ data out there in the ethers floating.

Now, in all likelihood the data was not the target of the thefts. A laptop is a nice score for a minor criminal; they are easy to move, liquid. The risk, if caught, is not monumental and the risk of being caught is not either. Identity theft or conspiracy to commit fraud, those are not things the average thief after a quick turn of a laptop wants to involve themselves in for the most part. Maybe the reward is greater, but so are the risks and the punishments.

So we need to recognize that rather than giving thousands, millions of people an extra dose of stress for an indeterminable time period, we should seek to change the way companies and governments store and access their data. I was just commenting about how the Library of Congress search is not a good example of government leading the way in technologies that bring information access to new thresholds. Neither do they set a good example for information security.

The solution is to put the sensitive data behind the firewall, behind the encrypted protocol, behind the password protected server login. Some need the data on the go? All the more reason to move forward in our information delivery infrastructure. More pipes, more availability. There is simply no excuse to take that data and wrap it in what amounts to a candy wrapper and place it on the entrancetable’s candy dish. A laptop is a tempting thing to steal, and it doesn’t really matter what data is on it. A majority of the time the goal will not be data, but the ability to turn that laptop into quick, easy money.

So, let’s use some sense.