A laptop, more than any other type of computer, is a security hole. If sensitive data is stored or cached (Offline Files) locally, then losing a laptop to theft or negligence is a severe problem for you as well as your clients.
Here’s how to configure your laptop to be more secure.
1. Hard Disk Encryption
If you’re using Windows Vista, consider using Vista’s BitLocker drive encryption software. If you’re using Windows XP or another operating system, there are a number of third party full-disk encryption products available on the market.
Although you can use EFS (Encrypting File System) to achieve a similar goal, full disk encryption provides better protection as everything on your disk gets protected and you don’t have to worry about saving files to a particular location.
2. Homing Device?
Protecting data is extremely important but if your laptop is lost or stolen, you probably want it back. To this end, install software on your computer that tracks its location should it ever be lost or stolen. Most laptop theft recovery software installs to an undetectable location on the laptop and the software cannot be erased from the system.
Each time the computer connects to the Internet, it reports in with the software manufacturer. In the event that the computer is reported to the recovery software company as stolen or missing, the company tracks down the physical location of the laptop and then notifies the authorities. In many cases, the hardware is actually recovered. However, even if the laptop is recovered, you can’t be sure that the thief didn’t compromise your data.
Some tracking software includes the ability to remotely delete information from the laptop as well. This feature can be a lifesaver if a laptop with sensitive information is stolen. With this capability, you’ll be able to delete potentially sensitive information before it falls into the wrong hands.
3. Viruses and Spyware
The two pronged antivirus/antispyware software blaster will do far more to protect your assets than a single application that handles only virus-busting. These days, spyware is probably a worse problem for many organizations then viruses were back in the day. Many spyware infestations install keylogging software and other kinds of monitoring software designed to gain access to private information. Laptops can be especially vulnerable to spyware since they often spend time outside the organization’s protective firewalls.
4. Locking Down and Screaming Loud
Even those employees that are issued laptops don’t always carry them everywhere. Often laptops are left unattended in employees offices, in hotel rooms or at home. There are numerous documented cases of laptops containing sensitive information being stolen from homes, airports, hotels, and even people’s offices. If you’re traveling or using a laptop at home, consider taking a security cable and lock (such as a Kensington lock or a cable combination lock) with you that you can wrap around a table leg. Although a solution like this will not completely prevent laptop theft, most thieves go after easy targets. Any obstacles you can put in place will discourage would-be thieves.
Laptop Alarm is software that triggers an alarm on your laptop when the A/C adapter is unplugged. If someone tries to steal your laptop, they are of course going to have to disconnect the AC power. Mind you, with cable theft on the rise, thieves might just take your laptop and the copper wiring from your office. =)
5. Software Firewall
A software firewall, ZoneAlarm for example, goes a long way toward protecting a system. Such software keeps unwanted traffic away from your computer. However, not every system necessarily needs a software firewall. If you need to pick target systems on which a software firewall will be used, seriously consider laptops in your plans.
As I mentioned before, laptop computers often spend time outside your company firewall, meaning that they lose the important protection of those devices. Especially if you’re out in the wild using an unsecured wireless network, a firewall will help to keep your computer from being subject to attack.
Even though they come frequently and can be a hard to keep up with sometimes, staying current on all of your installed software is critical. A number of patches are designed to correct bugs that result in vulnerabilities that can be exploited. Implement an automated system such as WSUS or, at the very least, configure your laptop for automatic updates so that patches are applied as they become available.
7. Password Strength
Passwords remain the most common way to secure resources, including laptop computers. Again, since laptops are often in the wild, it becomes even more important to use a strong password to lessen the risk that a local account is compromised. Make sure that all local accounts are appropriately secured, including the local Administrator account.
8. No Strings Attached
Wireless networks are everywhere — from Barnes and Noble to Starbucks, and even McDonalds. In most of these cases, even though you often have to sign up to use the connection, the wireless service is insecure meaning that anyone within range of your laptop can pick up everything you see, do and type. Obviously, this is not good.
If you’re working from one of these locations and find it necessary to work on something sensitive, try to connect to your organization’s VPN service and do your work via that connection instead. With the right kind of VPN in place, traffic between your laptop and your organization’s network will be encrypted. If information security is a critical concern, only use wireless networks that are secured with WPA or WPA2. This isn’t a perfect solution, but is much better than using only WEP.
9. Services – What you dont’t need
Every service that runs on your laptop increases the attack surface of your computer, especially services that listen on particular ports. To help further protect a roving laptop, disable any services that you don’t need to do your job.
Refer to our E-Book section for documentation on which services can be disabled for you specific version of windows.
10. Insure – Rest assured
After dealing with the pain of losing data fades, you will realise that you are going to need a replacement for the laptop that you have just lost. Thank goodness for insurance! As much as we like to moan about them, they do seem to have some sort of purpose.