Given the nature of the data that have gone missing, should the people concerned change their name, address, date of birth or signature?
Surprise, surprise. Another incident of data security negligence. I find it absolutely astonishing that the people in charge of these computers think that 'maybe there were two levels of encryption installed, and that maybe people won't be able to see the data stored on them'. I don't think that a 'maybe' is comforting enough for those who will suffer from this. The fact is that IT administrators in these organisations should KNOW for a FACT that data is not going to be exposed. We are only human, and mistakes like laptop loss are always going to happen, so make sure that when they do - you are properly prepared. There are now remote data encryption and deletion services available on the market. These managed services can range from automatic machine lockdown to immediate hard drive deletion that can be triggered remotely whenever a machine is thought to be compromised. After all, a standard encryption key can eventually be broken with the right tools and knowledge. The only way to ensure data can't be obtained is to delete it, full stop.
ID fraud is a real concern. People need to be more responsible than ever before by monitoring their bank statements and credit reports to ensure fraudsters have not hijacked their accounts or opened up new lines of credit they have no knowledge of.
In the first nine months of 2009, there were over 70,000 cases of ID fraud.
Research from CPP shows that four in ten people want companies to be fined for losing personal data. Only last week the Information Commissioner's Office reported a total of 434 data breaches from organisations in the past 12 months, up from 277 the year before.
People need to be vigilant.
I don't care if you use Truecrypt with a 4096-bit key and an unguessable password, personal data has nothing to do on a laptop, period.
The only proper security concerning people's personal data is to keep that data on the server.
It should not be put on a laptop, it should not ever get near an external auditor, and consultants shouldn't even dream of seeing it.
to know how many of the letters they send to postal voters get returned 'Not known at this address'.
Somewhat related. Years ago there were discussions about back door keys to encryption. Any company that produces software that encrypts must give a back door key to the government where the software is created. Is that true or not? I'm referring to the US but it could be in most countries. I wouldn't doubt that there are bilateral agreements in place to share those keys in an emergency. Just wondering.
erm, no.
Macs are not secure, end of. Linux is not secure. Windows is not secure. Physical access, by default, bypasses filesystem layer security. Most easily by booting off a 'live CD'.
In addition, security is not related to obscurity.
Truecrypt is everyone's friend... Macs, Linux or Win. There are others, but that is my preferred weapon of choice.
Corps could use bitlocked drives (Vista/Win7) or third-party tools for data storage, then it doesn't matter if the asset gets nicked as cracking the encryption is effectively NP.
As for the article... I bet it was an Access database with user password :D They're probably under the impression that that IS encryption .<
Why don't councils use Macs to hold this sort of information?
A: if the laptop got nicked, the common thief won't know how to use it.
B: if said common thief turns the machine on and does use it, it can be traced if it ever goes on-line again.
C: Macs are more secure :)
D: why don't authorities use something like maglock, to physically secure a machine, even in the office?
It seems pretty daft to me to hold any kind of sensitive data on a machine that can be picked up and pretty much put in a deep pocket. There are solutions out there which would allow them to operate, but not actually have full data on HD.
I would 100% ban the use of laptops, where any kind of sensitive data is involved. That would put an end to these almost daily embarrassing security breaches.
"It is troubling that the data was on a portable machine and it was accessible for someone to walk off with it."
What is it with civil service types and the need to store sensitive information on laptops - just how stupid are these people????