Ok, I’ve been sick and tired of hearing about companies who have lax security policies, and private customer information winding up on some outsider’s laptop, let alone when it gets stolen.

According to Wired, Hotels.com auditor Earnst & Young had a laptop stolen with “personal information including names, addresses and credit card information of about 243,000 Hotels.com customers. It did not include their Social Security numbers.”

There’s a simple solution to this problem, companies handing out their customer’s vital information should either *not* do it, or require that the computers have system level encryption at the harddrive level (before the OS even boots up).

This would require the owner to enter a password before the computer starts to bootup, if not the data on the entire harddrive is encrypted and cannot easily be read by an unauthorized user.

The problem is they think the OS authentication is by some means secure. It isn’t. A thief could easily remove the harddrive, and mount it as read only from another machine, thereby bypassing the operating system authentication. If the harddrive were encrypted at bootup, this would not be so easy to circumvent.