The Tech Herald

RSAC 2012: Lost or unclaimed devices pose risk to corporate data

by Steve Ragan - Mar 5 2012, 09:00

Lost or unclaimed devices pose risk to corporate data. (IMG: J.Anderson)

After a long week of meetings and tradeshow fun, it’s time to catch-up on missed emails and sort the vast amount of business cards that were collected during the 2012 RSA Conference. Still, some of those who were in California for RSA are scrambling this week, because they left something behind.

One of our meetings last week was with Credant Technologies, a vendor that specializes in data protection. Part of our discussion centered on the risk posed by lost mobile devices, which is anything from USB drives, to laptops and tablets filled with company data. At the time of our meeting with them, Credant had just released the results of a study they did with the hotels serving the conference. Naturally, after reading their research I was reminded of my own security incident involving a lost device in 2011.

[For the curious, the recap of my personal failure is here.]

Focusing on major hotel chains in San Francisco, such as the Four Seasons, Hilton, Holiday Inn, Marriott, and Ritz Carlton, Credant learned that some 2,300 mobile devices are unlikely to make the trip back from the world’s largest security conference this year.

One Union Square hotel chain reported that more than 90-percent of the devices discovered in guest rooms, the bar, or lobby are never claimed. On average, the number of unclaimed devices hit about 45-percent.

Interestingly enough, more than 70-percent of the lost devices are last seen in the Union Square and Financial District area (were many of the common RSA-related hotels are located).

“Protecting data on mobile devices eliminates the long term consequences potentially associated with lost or stolen devices,” said Darren Shimkus, the senior vice president of marketing for Credant.

But another point not mentioned by the survey is that while most of the device owners never reclaim their lost items, it’s possible that someone else can.

It isn’t hard to get a hotel employee to check the lost and found for items with little more than a basic description. For example, more often than not, asking for a known brand or basic description is enough to get them to check and hand something over.

Exploiting the human desire to help is one of the fundamental basics to social engineering. Hotel staffers are trained to assist guests and potential guests. Thus, they’re eager to please, and if the back story is sound enough, a stranger could easily claim those lost devices for you.

Around the Web

Comment on this Story

comments powered by Disqus

From Autosaur.com

Most expensive car: A guide to the world's priciest cars

The most expensive car ever sold is a 1962 Ferrari 250 GTO which changed hands for $35MILLION in May 2012. The lime-green sports car, originally built for British racing driver Sir Stirling Moss, was bought by billionaire US car collector and  businessman Craig McCaw, above, from Dutch-born tycoon Eric Heerema. It is one of just 39 Ferrari [...]

The post Most expensive car: A guide to the world's priciest cars appeared first on Autosaur.

Tesla Model X: The car of the future

For the 2014 model year, Californian electric carmaker Tesla Automotive will be rolling out its first sport utility offering the Tesla Model X — and a huge amount of thought has gone into it. SUVs have been popular in both mainstream and luxury auto lineups — especially models with three rows of seats — so [...]

The post Tesla Model X: The car of the future appeared first on Autosaur.

Most reliable cars: The complete guide

What are the most reliable cars on the road? The basic rule is: Buy Japanese. In the most recent survey of drivers’ experiences by top US group consumerreports.org, Japanese manufacturers scooped the top SIX places in the list. And one manufacture was head and shoulders above the rest: Toyota Motor Corporation. Their three brands, Scion, Toyota and [...]

The post Most reliable cars: The complete guide appeared first on Autosaur.