Deal of the week: Laptop Computer for $25,000
Not only do you get to spend $25,000 for an old (and stolen) laptop, you also get to hire a consultant and spend your holiday season basking in an embarrassing limelight.
The financial consulting firm Ameriprise has reportedly reached an agreement with the Commonwealth of Massachusetts relating to a stolen laptop that contained personal information regarding some of their customers. The laptop was later recovered and there were no reports of any harm due to the data breach.
A Reuters report stated that Ameriprise Financial Inc., "has agreed to hire a consultant to review its laptop policies after the theft of one of its computers exposed the personal data of more than 150.000 clients. The $25,000 goes to the office of William Galvin, secretary of the state of Massachusetts to cover the cost of the investigation.
According to the account in The Boston Globe, in addition to the settlement and the agreement to hire a consultant, "Ameriprise spokesman Steven Connolly said that the data should have been encrypted and that an employee was fired over the violation of company policy."
This settlement should get CIOs and tech managers and corporate officials to pay attention to the liabilities involved in data breaches and get serious about not only setting a policy (easy to do) but funding a program to thwart easily viewed corporate data being toted around on laptops. For an article on how to prevent laptop data loss, click here.( .
The entrance of state regulators into what had been largely an issue between corporate customers and corporate officers raises the possibility of making data loss far more costly to companies. In addition to fines and agreements, the amount of data loss and the lax standards that possibly led to the data loss can now become a matter of public record and media exposure.
So before you find yourself on the front page spending $25,000 on a laptop that is probably worth less than $1,000, think about the data that laptop might contain, what are your responsibilities regarding the data and what you need to do right now to protect yourself and your company's data.