Laptop Security Assessment

Did you know that your company's confidential information is climbing over your corporate firewall and escaping from your fancy intrusion detection systems? Every day, gigabytes of information walk right out your front door - on your company's laptops. How expensive would it be if one of these laptops was stolen?

Before you start checking the deductible on your insurance premium, take a second to do a security assessment on the true value of the laptop: the information stored within. Making it even more valuable, or at least potentially costly, is the passage into law of California Senate Bill 1386 (SB1386). The burden of maintaining information confidentiality has been pushed onto the information holder - you.

Per SB1386: Following discovery or notification of the breach in the security of the data to any resident of California whose unencrypted personal information [being a name and social security, drivers license or account, credit or debit card number] was, or is reasonably believed to have been, acquired by an unauthorized person...shall disclose any breach [potentially including] notification to major statewide media.

While there are no direct civil penalties or fines, the disclosure requirements of the law are severe enough to hurt the viability of even the most reputable institution. And, even though it's a California law, it has national implications because of the media notification clause. With this in mind, how much of a liability might that stolen laptop become? With a little up-front due diligence and security assessment, these liabilities can be reduced by taking some simple steps to help prevent laptop incidents from occurring.

Security Assessment: Threats

Security assessments show that the information on a laptop can be compromised in two ways: physical theft of the laptop itself, or a network intrusion while the laptop is attached to an unprotected external network.

From the security checkpoint at airports to the back of rental cars to the presenter table at a conference, information thieves are walking away with laptops every day. While the motivation of most of these thefts is not for the information stored on the laptop but the hardware itself, there have been incidents where specific individuals' laptops have been targeted for the information stored within.

Security assessments show that connecting a laptop to a remote network is the other easy way to compromise the security of confidential information. Remote networks vary from the wireless access point (WAP) at your local coffee shop, to wired connections in a hotel room and the cable modem in your home office.

Thinking about using that wireless network at Starbucks without a personal firewall or VPN? You might as well just run a patch cable around your corporate firewall directly to your laptop. Both ways, security assessments show that your computers are exposed.

Security Assessment: Policies and Procedures

As always, the easiest way to prevent something from happening is to implement policies and procedures to ban activities that might compromise data security, and to thoroughly train your employees to follow said procedures.

A very simple policy and cost-effective procedure is to limit the amount of confidential information on a laptop. This could be enforced by a periodic security assessment, wiping clean the laptop of all user information and requiring the user to log and maintain a minimal set of confidential information on the laptop between trips out of the office. By maintaining a log and keeping minimal data on the laptop, liability is limited should an incident occur.

Rather than storing confidential information directly on the laptop, it should be stored on external storage, allowing the laptop to remain void of any confidential information. External storage solutions include network storage (file servers), online data stores (websites) and locally attached storage devices (discs or USB flash drives). USB flash drives are very convenient, holding large amounts of data on a key-sized device for under $100.

Laptops using a network to download confidential information should not locally cache data. Locally attached storage devices need to be kept separate from the laptop when not in use, and travel separately from the laptop. Security assessments show that this eliminates any exposure should the laptop be stolen, the most likely target of a thief, but users definitely need to be vigilant about keeping the external storage device secure.

A firewall and a VPN should be required when a laptop is attached to any remote network, if the policy even allows laptops to be connected to remote networks. Wireless networks should never be considered secure, as the majority are easily tapped. Hotel and coffee shop wireless networks are typically run in an unencrypted manner allowing anyone to watch network traffic to and from laptops. The encryption in modern wireless devices is dreadfully inadequate and defeated by a number of readily available tools. A personal firewall will prevent malicious users from connecting to the laptop and a VPN will encrypt any data sent from the laptop across the air.

Wired remote networks, such as home office DSL, cable modem and dial-up, carry the same threats as wireless networks, in that malicious users can watch unencrypted data across the network and initiate attacks on an unprotected laptop. Once again, security assessments show that a personal firewall and VPN should be in place if the laptop is even allowed to connect to a remote network in the first place.

Data Security Assessment

As mentioned above, the amount of information stored on a laptop should be kept to a bare minimum. Rather than loading up a laptop with all the user information, just download the information that is required for this trip out the office. On the next trip, clean out the old data and load up the new. If an incident occurs, then the liability is much more limited.

Data encryption and digital rights management (DRM) solutions are coming of age and will soon be encrypting all information across networks and laptops. With a DRM solution, all information is encrypted, and requires the user to enter a password to view files, making security assessment simpler. In addition, a detailed history of requested licenses is maintained, which is crucial in case of laptop theft.

Hopefully, you'll never have to worry about a laptop theft, but with a few of these suggestions the risks can be mitigated. Laptops are becoming a pervasive part of today's mobile society, and some will disappear. However, with a few of these suggestions and vigilant security assessment, the liability will be minimal, there won't be any information loss, and your only concern will be which shiny new laptop model you'll have to order.
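The periodic assessment and data log recommended under Policies and Procedures can be partly automated. The script below is an added example, not part of the original article: it walks a laptop directory and logs every file holding unencrypted SSN-like or card-like numbers, two of the SB1386 data elements. It assumes US number formats and plain-text files; names, driver's license numbers and encrypted or binary formats are not detected, and the sample data is constructed.

```python
import os
import re
import tempfile

# Patterns for two SB1386 data elements (US formats assumed for this example).
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def scan_text(text: str) -> dict:
    """Count SSN-like and Luhn-valid card-like strings in one file's text."""
    ssns = SSN_RE.findall(text)
    cards = [m for m in CARD_RE.findall(text)
             if luhn_ok(re.sub(r"\D", "", m))]
    return {"ssn": len(ssns), "card": len(cards)}

def assess(root: str, max_bytes: int = 5_000_000) -> list:
    """Walk root and return one log row per file holding unencrypted identifiers."""
    log = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    text = fh.read(max_bytes).decode("utf-8", errors="ignore")
            except OSError:
                continue  # unreadable file: skip it, do not abort the assessment
            hits = scan_text(text)
            if hits["ssn"] or hits["card"]:
                log.append((os.path.relpath(path, root), hits["ssn"], hits["card"]))
    return sorted(log)

def demo() -> list:
    """Constructed sample tree: one file with test identifiers, one clean file."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "clients.csv"), "w") as fh:
            fh.write("Jane Doe,078-05-1120,4111 1111 1111 1111\n")
        with open(os.path.join(root, "notes.txt"), "w") as fh:
            fh.write("Order 1234567890123456 shipped; call 555-0100.\n")
        return assess(root)
```

Each row returned by assess() is (relative path, SSN count, card count); an empty list means the scan found nothing to log before the laptop leaves the office.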