Mobile Device Data Breaches

I agree - and in addition/support to Luke’s words:

… As soon as a Device is reported stolen, all the Security Department should need to do to ‘Secure the Data’, is kill the login Account and/or Key and/or Password and/or Cookie;

Access to the Virtual Machine or Web Service/s should then be Denied.

… Hacker’s/Terrorist’s will then need to decrypt the Data on the device, find a Cookie/Key/Password, before the Device is reported stolen.

I would also like to add:
… If you (the reader) own a business, and would like to protect your companies Private Data, then I would strongly advise that you use a system like this (as described in the video). However, if you’re just a regular computer user, and are thinking of using a system like this (such as an SSL encrypted ‘Google Docs’ service for example), then I would strongly advise againt using a system like this (as described in the video), at least for your Private Data: Only use ‘cloud services’ for Data you don’t mind becoming Public, and always read the Terms and Conditions!

I agree, that you should always be suspicious of trusting your data to any third party. Do you categorically know that your data has been deleted from the cloud service when you delete it? Is it still contained in any backups or versioning? What is their disclosure policy or laws that they are bound by?

Keeping it in-house is really what I was alluding to. I know that not all companies have the ability to custom write this kind of service, but there are companies out there who can supply online analysis packages for you to host within your organisation. You must make sure that access to the service is secure though.

As a private user, your data is probably worth less than that of a business to an attacker, but this doesn’t mean that you should be any less vigilant, as data loss and identity theft can have a devastating effect on the individual. However, I was really concentrating on the enterprise in this video.