When it comes to laptop and notebook computers, their greatest strength can often seem to be their most profound weakness. The very portability that makes them such useful tools for the mobile professional leaves them vulnerable to a host of catastrophes that never faced the average desktop machine.
Fortunately for the IT manager, tools, and capabilities to keep mobile data safe have grown in strength to keep up with the demand—assuming, of course, that you choose and deploy them correctly.
Strip out the value
The first and most important thing to do is make sure that any data on the system has no value to possible thieves.
The simplest way to do this is to encrypt everything on the disk—certainly everything that might possibly be sensitive. For encryption to be effective, of course, the information has to be available to the authorized user and garbled for everyone else. That’s why authentication is the powerful adjunct to encryption.
Check the hardware
The current generation of laptop CPUs has features that help secure the systems, eliminating possibilities for criminals to insert exploits that take effect before the security and anti-intrusion code is activated at boot time.
One of the keys for any manager putting laptops into the field is to make sure that the operating system and security software take advantage of the capabilities provided by the hardware—don’t lightly ignore the chance to be more secure.
Low tech works, too
One of the other frequently ignored security laptop features is one of the simplest: the laptop lock port. Sometimes called a Kensington lock port after a company that has made many products that work with the port, this is a small slot on either a side or the rear of the computer. The slot in the case is often matched by a slot in the chassis so that a locking mechanism and cable can be attached to the computer and the computer then attached to something solid and heavy to make physical theft more difficult.
Users can be losers
With the contents and physical package of the laptop protected by technology, your attention should turn to the users and the training they’ll receive on best practices for safe mobile computing. And when it comes to that training, there are four words that should be part of the course, no matter what other specifics you employ. The four words? “Do it every time”.
In too many cases of computer security failure, the employee through whose computer the attacker entered knew what to do, had the right tools at their disposal, but had cut corners “just this one time,” because they were in a hurry and only had a simple task to complete. That’s all it takes to bring evil into the halls of your organization, and it’s why your secure process must be followed every time, with no exceptions.
Keeping your laptops and their contents safe isn’t difficult with technology’s help, but it does require consistent application of the right tools. Teach your users well, and you raise the odds that you won’t be on the evening news for your massive data breach.