Wednesday, July 9, 2008

5 rules to Protecting Information on your Laptop

Business laptops are a treasure for every hacker or corporate spy. The average corporate laptop is full of business email, confidential documents and more often then not, the user of the laptop has the same passwords on the laptop as on his corporate application and e-mail.

Here is a truly bizarre example of what could happen: Lifetime of FREE BEER for Laptop
Private laptops are also very interesting (especially those of celebrities)

And yet, the security awareness of the owners of laptops is somewhat lacking. So here are 5 simple rules that can help you keep your laptop safe:

  1. Do not leave a laptop unattended in areas accessible by the general public - Leaving a laptop anywhere where it can be seen and picked up by another person is a very bad idea. This includes the table in your favorite cafe, the company cafeteria, airport lounge or waiting room, even an unlocked office where there is a possibility for an untrusted person to walk in.
  2. If you must leave your laptop, secure it - In the unlikely case where you must leave your laptop, make sure it is very difficult for someone to steal it. Either place it in a cabinet (preferably locked) or use a Kensington Lock to bind your laptop to something difficult to move (office furniture, central heating pipes).
  3. Carry your laptop in an inconspicuous bag - Avoid manufacturer branded laptop cases, since they scream "there is a laptop in here". Simply, invest $30-$40 in a simple unmarked document bag which has a laptop compartment. NOTE:DO NOT go overboard and buy a designer bag costing as much as the laptop, since then the bag itself will be a target for theft.
  4. Do not leave a laptop in a visible place in your car - A lot of petty criminals can see an excellent opportunity to steal any kind of bag left on a seat of a parked vehicle. Ideally, never leave your laptop in the car. If it must be left, place it in the trunk of the car, and check that you have locked the car and fully closed all windows.
  5. Encrypt the entire hard drive - if all else fails, the value of the information within the laptop is usually much greater then the value of the hardware. Encrypting the entire hard drive will make much more difficult for the thief to extract the valuable information, and can prolong the extraction time to a point when the extracted information will be useless. Encrypting the entire hard drive will cause performance reduction of the disk subsystem, but this is always acceptable when compared to the protection it offers, even for home users. There are several products which can perform full drive encryption like Windows Vista BitLocker, a free TrueCrypt software, and several commercial add-on packages. NOTE: Do not try encrypting only part of the hard drive or certain files. This will not add too much security, since the attacker has an entire computer full of data to search for clues to your decryption password.

Further reading

Vista BitLocker at Microsoft

TrueCrypt portal

Comparison of Disk Encryption Software at Wikipedia

0 comments:

Visitors