Checklist for a Layered Approach to Laptop Security 
(08/01/2008)
Here is a quick checklist of best practices for protecting data on mobile assets:
1. Understand the risks. As organisations open up their networks to their mobile workforce, partners, customers and others, they expose themselves to greater security risks than when traffic was mostly internal.
2. Be proactive. If you cannot identify the weaknesses in your network’s security, someone or something will exploit those vulnerabilities. Educate yourself on current security risks, including the tools and techniques used by cyber criminals. Data security is a moving target that requires ongoing attention.
3. Use cable locks on laptops as visual deterrents. Most cable locks can be ripped off the plastic exterior of a laptop with a strong tug. Like ink-filled garment security tags in clothing stores, cable locks leave a mark when removed by force, but are ineffective at preventing many thefts.
4. Avoid leaving unsecured notebooks unattended. Lock them in cupboards, notebook carts or other secure facilities when not in use. If they must be left in a vehicle, they should be covered up or locked in the boot of your car.
5. Keep laptops inconspicuous. Laptops should be carried in inconspicuous carrying cases, such as backpacks or tote bags, instead of telltale laptop bags.
6. Install anti-virus software, encryption and firewalls. Prevent unauthorised access and protect valuable information with data encryption software. Keep all software products updated with the latest versions or patches to help minimise security holes. Ensure web servers, operating systems and line of business applications are fully patched.
7. Back up valuable data on a scheduled basis. Data backup needs to happen frequently to minimise the risk to the organisation in the event of loss.
8. Create a contingency plan. Identify possible damage should a breach in security occur; also consider how to serve stakeholders in the event of catastrophe. Contingency plans for security should be integrated with overall disaster recovery plans.
9. Use asset tracking and recovery software. Install an asset tracking and recovery tool such as Absolute Software’s Computrace®One™ to track and recover computers that are lost or stolen, and monitor any changes or disappearances in computer memory, hard drives or peripherals.
10. Invest in advanced data protection. Use ComputraceOne to track fixed, remote and mobile computer assets and remotely wipe sensitive information in the event that a computer is lost, stolen or nearing the end of its lifecycle.
Absolute Software is exhibiting at Infosecurity Europe 2008, on the 22nd – 24th April 2008 in the Grand Hall, Olympia, www.infosec.co.uk
Related topics: Computer and PC Security Locks and safes Mobile and Wireless Security
Print version | 
Email to a friend | 
Related articles
Other Security news and resources
IT Security white papers and research library
Access Control Authentication Data Management Data Security Digital Signatures Email Security Identity Management Internet Security Intrusion Prevention Network Security Remote access security Security Management Security Policies Security Software Security Threats Virus Detection Software Virus Protection VPN Vulnerability Assessment Wireless Security
Security books, guides, standards and toolkits
RFID and Smart Cards books, guides and reference documents Biometric books, guides and reference documents CCTV books, guides and reference documents Intruder alarms and intrusion detection systems books, guides and reference documents Monitoring and surveillance books, guides and reference documents IT Governance, ISO 27001 ISO 17799 and BS 7799 toolkits Fire, Health & Safety books, guides and reference documents
