Mon, Aug 21 2006 5:20
The risk of being mobile
Just read that the laptop of another CPA firm doing work for a firm was stolen. The laptop had data from a retirement plan on it so it had name and social security numbers. Chevron was the affected firm and the CPA firm is yet 'unnamed". As I'm sitting here drinking the potentially bomb making Apple Juice that I have to throw away before getting on the plane, all gels, liquids, lipgloss (but not lipstick) safely in the carry on baggage getting ready for a flight to Chicago for the Illinois Business and Technology Show it strikes me that as CPAs that are required to obtain CPE on an annual basis, we need to include manditory data handling training for both desktop and mobile computing.
I'm carrying one of those "password protected laptops" that ... if I lose phyiscal access to it.... it's 'kiss that data goodbye' unless I've taken extra precautions.
So do we do ANY special education these days to ensure that data is protected? Nope. None at all. Yet on a daily basis, CPAs the world wide handle sensitive data that we are ethically bound to protect, yet we've received no such training whatsoever to ensure that it's protected that I can see.
But is the real problem how we're setting up our databases such that data fields that are sensitive are given special treatment?
Bottom line we as a profession has to do better than this.....
.. see some of you in Chicago!
Filed under: Security