The Swimmer Drowns

DQI Bureau
New Update

For me it was a very embarrassing experience. "Computer

Editor saab, aap ka laptop chori ho gaya" was the first thing I heard when

I returned home that evening with a heavy heart. This was my elderly neighbor,

who always called me as Computer Editor, just because I edit an IT trade

magazine. But it was his stark sarcasm that made me realize that being careless

with my laptop was the last thing he expected from me. The fact that I realized

(and was made to realize next day in my office) was that the value of the data

stored in my laptop was far more than the laptop itself. My old neighbor

obviously did not know about this, otherwise he would have taken one more pot

shot at me. And since I had no passwords or any form of security protection for

all the data on my laptop, I am sure the thief who stole my laptop from my car,

would have got all the valuable (as well as useless) data residing on my laptop.


There is no way IT

managers, who also have to be role models for all other users in their

organizations, can become victims of device and data theft

What surprises me, and at the same time gives me a lot of

consolation, almost 18 months after my laptop was stolen, is a survey report

according to which IT managers-I hope they are not the CIOs-are very callous

about security. This 2005 survey, which covered 73 IT managers, out of which 25

came from organizations employing more than 1000 people, found out that almost

22% of the IT managers had lost their mobile device such as PDAs and smartphones.

And with it they lost sensitive and valuable information like

corporate spreadsheets, emails, PPTs, personal names and addresses, business

names and addresses, telephone diary, bank account details and other passwords.

Worse, almost 81% of these so called experts, people who are also expected to be

more security sensitive, admitted that they had not put any passwords or

encryptions. Yes, valuable information could fall into wrong hands, namely, the



The story does not end here. Only 40% of the victims reported

the matter to the police, because a majority felt that the police will really

not be able to do much and that it will a waste of time going to them.

Interestingly, my experience was similar. The Gurgaon police refused to register

an FIR, asking what proof I had that my laptop was stolen, and if I could prove

that, then what proof did I have that it was my laptop, and so on and so forth.

In other words, they refused to help me.

A clear and increasing trend is that professionals are storing

lots of data on their mobile devices-and not just laptops but also PDAs and

phones. Interestingly, the same survey for the year 2004 had reported 16% cases

of loss of these devices, as against 22% in 2005. Clearly, the rate of such

incidents is on the increase. Therefore, there is no way IT managers, who also

have to be role models for all other users in their organizations, can be so

callous. It is these IT managers who chalk out the company's technology

roadmap and influence IT adoption. If they cannot take care of security, who


Actually, organizations will have to take note of this and start

formulating some kind of a policy that safeguards such devices and all the

information stored on them. With so many gadgets available today including

digicams, pen drives, and iPODs, which carry around personal as well as

corporate information, vulnerability will only be on the rise.

Secondly, they will have to sensitize their IT managers and CIOs to be extra

careful, and not fall prey. I would even venture to suggest that they should let

CIOs go through a special program to educate them about the latest trends in

threat to mobile devices. Otherwise, like an overconfident swimmer, the CIO will

drown, and also pull the company down with him.