Security Watch | Matt Hines » Secure your laptop

June 28, 2006 | Comments: (0)

Secure your laptop

TAGS: Security

Utimaco sent me a note with these seven tips for securing laptop data so I'm going to pass it along to you as a reminder on portable data protection.

Takeaways:

- Security leaks are not only caused by data transfer, but by the mobile device itself
- The only effective solution is a combination of encryption, authentication and access management
- Users need self-discipline

Let's be honest: is it really the fault of problems with a virus protection program, or an insecure hotspot, if notebook users lose data? A recent Gartner study showed that 86% of all security events in wireless networks are caused by the mobile devices – and not by insecure data transfer.

Tip 1: More discipline when on the move
The only protection against being careless is more care and discipline – but that is difficult when you are under time pressure. Airline passengers lost more than 5,000 mobile devices at airports in Germany, Austria and Switzerland a survey conducted by Utimaco Safeware AG among the Lost and Found offices at the ten largest airports in the region revealed. Particularly at airports with a large number of short-distance routes that are primarily used by business travelers, several dozen mobile devices are turned in daily – on heavily traveled days, as many as a hundred. It might sound obvious, but if you travel with a notebook, you should always make sure that you really have the notebook case, including all its contents, over your shoulder before you leave the plane, taxi or train.

Tip 2: Making passwords more difficult to crack
If the worst happens, and your computer is stolen or lost, there is still hope that your personal data is not all accessible, if the password is difficult enough to crack. A mixture of characters, numbers and letters is considered the most secure – but only if passwords and keys are not stored on the hard disk. For this reason it is better if the computer prompts for a password before booting– electronic security solutions enable this. This gives an unauthorized user no chance to somehow get access to the operating system or saved data in any way.

Tip 3: Use hardware to supplement password protection
Analysts working for the Meta Group have confirmed what IT managers already know: passwords alone do not provide optimum protection for data. The alternatives have been available, and in use, for years: special smartcards or tokens – which look just like a USB stick – store key information that is used in combination with a user password to unlock the computer. Only someone who has the token and knows the password can access the system and the data saved on it. Alternatively, the user's biometric data can be stored on a smartcard. For authentication, the user's fingerprint is checked directly on the card, instead of the password.

Tip 4: Secure hibernation mode
You can set up the system to prompt for the password again when the notebook switches back from the screen saver or from hibernation mode to normal working mode. This means your data is still secure if you stop for a break or you are making a phone call in the train or airport.

Tip 5: Set up an electronic safe
As a basic principle you should never save valuable information without protecting it electronically: important papers are kept in safes. The electronic pendant is a "virtual" disk drive that securely encrypts and stores all its contents. You can very easily set up an electronic safe of this kind on local hard disks and network directories, on the PDA, and also on mobile devices such as USB sticks and smartcards, CD-ROMs and DVDs to provide secure storage of your electronic data.

Tip 6: Implement automatic encryption
Talking about the electronic safe: what use is the best safe, if the valuable data is simply left on the shelf next to it because no-one takes the time to think about whether a particular document needs protecting at all? Here, data transparent encryption is a big help. It runs automatically in the background, without being noticed, so the user does not even have to think about storing data securely.

Tip 7: Restrict plug and play
Plug and Play is convenient, but can sometimes be dangerous: if someone connects a USB stick, MP3 player or external hard disk drive to a notebook, it is recognized automatically – and it is then easy to start exporting data and passing it on to the wrong people. The alternative is to lock the computer for all memory media apart from the company's own memory sticks which cannot be used to run or read programs. This also removes the danger of accidentally loading a worm or virus on your own hard disk if you lend the data medium to someone, and get it back with a "dangerous cargo". In addition you should only use sensitive data on USB sticks when it is encrypted, as the smaller the memory device, the greater the danger that it will get lost or stolen.

Posted by Victor R. Garza on June 28, 2006 03:08 AM

RATE THIS ARTICLE: