MX Logic
Resources Support Contact MX Logic Login
Search
MX Logic Advantage Services Technology Partners News & Events About MX Logic

MX Logic » MX Logic IT Security Blog
05 August 2008

Perspective is Good. Being Proactive is Better


According to this story a laptop that contained approximately 33,000 records of customers of the Clear system (Clear is a for-pay system that allows customers to go through a separate security line at some airports using a smartcard). 

Apparently the laptop has been found....in the same room that it was allegedly lost in.  The title of the article linked to above is "Laptop Discovery May End SFO Security Scare"....I couldn't disagree more.

If someone unauthorized had access to the room that the laptop was in when it disappeared, that same person had access to put the computer back after they were done with it (stealing data, installing a trojan to steal more data...the list goes on).  According to the story customer data on this laptop was NOT encrypted which means anyone who had access to the computer had unfettered access to all of the customer information stored on it which included names, addresses, birth dates, driver license numbers, and passport numbers.  Of course, now the TSA is saying that the computers must use encryption, but that is like buying flood insurance while your basement is under 8 feet of water.  Too little, too late.

This is a huge black eye for Verified Identity Pass, the company that operates the Clear program.  My favorite line in the article is where their CEO Steven Brill states "We don't believe the security or privacy of these would-be members will be compromised in any way."  The fact that their CEO would make a statement like that just underscores what little he and his company understand about security and the protection of customer information. 
Hopefully this will prompt the TSA into doing a more security oriented deep dive on all of their vendors.  It is important for them to know just how many other basements either are currently or are headed for 8 feet of water in their respective basements.  As a member of the DHS, the TSA already doesn't have a very good record as it relates to security.  Any proactive measures that they can take to ensure the security posture of their organization and the vendors they do business with will help mitigate future high-profile breaches.

Categories: Hackers Data Security Identity Theft
Posted by smasiello at 1:29 PM | Link | 0 comments
Comments

No comments found.

Post a Comment
Name:   Required
Email:   Required your email address will not be publicly displayed.

Anti-spam key

Type in the text that you see in the above image:

Your comment:

Sorry, no HTML allowed!

MSP Mentor

Privacy Policy
© MX Logic, Inc.
All Rights Reserved.

MX Logic
9781 S. Meridian Blvd. Suite 400 Englewood, CO 80112
Toll-Free: +1.877.MXLOGIC

  MX Logic provides Email Filter, Web Filter and Email Archiving services for use in network security.