BUSINESS

It takes 14 secs to crack your password

By Leslie D'Monte
May 15, 2006 12:17 IST

Over 60,000 mobile phones, 5,838 pocket PCs and 4,973 laptops were left in licensed taxicabs in London last year.

These figures by Pointsec, Sweden-based security experts for mobile devices, are alarming since many of these mobile devices can store around 6,000 word documents, 720,000 emails, 360,000 contact details or a staggering 7,200 pictures.

Up to one in 10 laptops will be stolen during their lifetime according to one of the law enforcement officers behind www.juststolen.net. A Symantec report suggests that an ordinary laptop holds content valued at $972,000, and that some could store as much as $8.8 million in commercially-sensitive data and intellectual property.

Passwords and firewalls are just not enough. Besides, Windows does provide data encryption facilities but experts question its efficacy. A Gartner study warns that the Windows password can be cracked in as little as 14 seconds. With less than $100, anyone can purchase password-recovery tools on the Internet.

Have you ever thought what a thief with access to these details could do? The loss could mean bank account details, personal photos, personal/business contacts, personal/ business emails, personal/business diary, passwords/PIN numbers or corporate information - all of which could cripple you in your personal or professional capacity.

Besides, the Symantec research also reveals that only 42 per cent of companies automatically back up employees' e-mails, where much of this critical data is stored, and 45 per cent leave it to the discretion of individuals.

Peter Larsson, CEO of Pointsec Mobile Technologies, says they were able to read seven out of 10 hard-drives bought over the Internet at auctions such as eBay, for less than the cost of a McDonald's meal, all of which had "supposedly" been "wiped-clean" or "re-formatted". "Antivirus software and firewalls may protect a network, but they don't protect device-stored data," asserts, Sascha Beyer, VP, Pointsec.

If the data on your old hard disk is not encrypted, ensure that you re-format the device at least eight times before you dispose it, or use professional "wiping-clean" software to erase the data. If the information is very sensitive and you want to ensure that not even the cleverest hacker will ever be able to read the old hard drive, burn it!

However, prevention may be better than cure. With Windows Vista, Microsoft is expected to tighten data protection measures. There are other solutions too. The Pointsec solution, for instance, currently targets only enterprises.

In fact, if you now buy an iMate in India, the Pointsec solution is pre-bundled as an add-on. Devices protected by Pointsec use an initial login screen. The password is a combination of pictures and not alpha-numeric (mix of alphabets and numbers). The device would shut down (if customised) after a specified number of failed log-in attempts.

If you forget the picture password, you can still use the device to make a phone call to the provider and reactivate the password. The price is around Rs 300,000 for a 25-user license (Rs 12,000 per license) for enterprises. Pointsec has nearly three million users (almost 2,000 companies) globally and around 30 companies - including Wipro Infotech and ITC Infotech - on its Indian client list.

Other players globally include Winmagic (for full-disk encryption) and Credent and Bluefire Security Technologies that offer device-based encryption and authentication tools "that work well as an additional layer", according to Larsson, who adds that "users want a full encryption solution".
Leslie D'Monte
Source:

NEXT ARTICLE

NewsBusinessMoviesSportsCricketGet AheadDiscussionLabsMyPageVideosCompany Email