mobile device encryption article response

Today’s article rant comes from ComputerWorld’s article titled, “Failure to encrypt portable devices inexcusable, say analysts.” The quote from the article is actually, “‘”There really is no excuse for not encrypting laptops …'” In this world of smartphones and mobile devices, that’s a *huge* distinction, especially since you’re still being told, “good luck,” when it comes to smartphone encryption (Droid Pro being an exception).

Also, it’s annoying to make such blanket statements about inexcusable security measures. It’s inexcusable that orgs not do a risk analysis of their mobile devices and determine whether device encryption is going to be worth their time and money. It may not be.

But I do wonder if executives and managers are vastly naive about the sorts of data their employees are storing on laptops. Many such leaders have verbal expectations that sensitive data is protected and not placed on laptops and how their employees are smarter than that, and so on, but that’s getting back to management by belief, which is a gamble you will eventually lose.

Sometimes it makes me wonder. We trust employees to make proper choices, but then we want employees to be innovative and get their tasks done and be creative. Those values can be just as at odds with each other as security and usability.