A single data loss can be devastating to a company. This can damage the company's reputation, in addition to costing the company millions of dollars. Such a breach can result in compliance violations on the federal and state level. On the federal level there are several disclosure laws already in place:

• HIPAA (Health Insurance Portability and Accountability Act)
• GLBA (Gramm-Leach-Bliley Act)
• FISMA (Federal Information Security Management Act)
• FACTA (Fair and Accurate Credit Transactions Act)
• OMB Memo (M06-16)

According to analyst firm IDC, as much as 60 percent of corporate data resides unprotected on desktop and laptop computers. With that concentration of data, the organization must take precautionary steps to protect this sensitive information. Several solutions are available to protect the organization.

Encryption
Full disk encryption can help meet compliance requirements, but does not necessarily eliminate risk. Full disk encryption is transparent to the user, but can fail due to human error. It stops short of being a comprehensive solution if an unauthorized user gains access to the authentication credentials; should the user's password be compromised the data can instantly be decrypted and vulnerable.

Consider the internal risks. If a user becomes unauthorized (contractor term expires, employee resigns, employee is terminated) but has possession of the computer, encryption will again provide no protection. For encryption to be effective the thief must not have the ability to input the correct password.

Data Destruction
Data destruction is an emerging solution for the CIO to consider. The concept of data destruction is data on the computer is more important than the hardware, and the organization must ensure the data is destroyed with certainty and verification. Once an organization has determined the computer is unable to be recovered physically, the company can ensure the data can not be accessed. By combining encryption with data destruction Beachhead Solutions' Lost Data Destruction (LDD) offers a final step.

LDD works through client/host communication. Should a computer go missing, the administrator marks the computer as unrecoverable. The next time the computer obtains a network connection and checks in the computer will be notified of the status change and will begin the self destruction sequence. This process is straightforward, but is dependent on the computer obtaining a network connection. There are additional triggers that can be put into place should the laptop not connect to the Internet. Such triggers are based on administrator-created preset rules including, number of unsuccessful login attempts and maximum time allowed between client/host communication events. The customizable rules allow for data destruction of a particular file, folder or the entire PC.