It still amazes me the number of stories about apparent lack of security where IT information is concerned - but are moves like THIS perhaps too little too late? For many people all this media attention of alleged security lapses with laptops in security organisations does nothing to instill any confidence, especially post 9/11. It certainly drags something of a stain across the IT industry in general, I mean - just who are these people hiring?

I’ll be the first to admit I’m not ‘the’ expert on IT security - but there are basic common sense approaches that don’t cost huge budgets, and certainly don’t require extra equipment. A lot of security lapses are usually down to a lack of education within the staff hierarchy which negates any and all security efforts at the end of the day. It’s like building a farm and filling it with accountants! The crops won’t grow on money alone. You can have the best infrastructure in the world, the best firewalls money can buy, but when it boils down to it - when you throw ignorant (and in this context I mean ignorant as in lack of the correct knowledge) end user’s into the mix? You may as well remove all encryption, and switch your firewalls off. I have to say also that from my experience and perspective it’s sometimes IT staff who are the worst offenders!

This is a gross generalisation but it’s just the way my point appears to have come across. Too much Arbitration not enough Control where security is concerned. That’s my current take anyways