Register for your Free IT Health Check Now

News

Secure That Laptop

According to an IDC/Kensington survey, 94% of small companies in Europe have suffered from laptop theft. The Nationwide Building Society has just been fined a whopping £980,000 for security breaches – all thanks to a stolen laptop.

A Pointsec Mobile Technologies survey in December revealed that 3,179 laptops and 923 USB drives were left in the back of London licensed taxis in just 6 months. How would it impact upon your business if a laptop was stolen, lost or the data compromised? As Andy Jones, Head of Security Technology Research at BT says, “data has become a valuable commodity in the criminal world, so assess your exposure and then decide how you can reduce it.” Here are a few ideas from the experts to help secure that laptop!

Agent based technology
From the theft recovery perspective there is an answer though, in the form of agent based technology, running silently on the laptop and checking in whenever an Internet connection is made. If the laptop is flagged as stolen, the police can be notified of the location. These agent-based technologies can take things a step further: “The laptop can also get updated with the latest policies, patches, and updates from the enterprise centre, and if a missing laptop logs on to Internet, it can be pre-programmed to automatically identify itself to managers and subject itself to actions that can range from wiping clean all data on a disk or otherwise rendering the machine inoperable.”

Back to basics
With the emergence of “back to basics hacking”, stealing the laptop is also the easiest way to steal the information on it. As such data protection is essential and asset tagging alone does nothing to help. “Whole disk encryption remains the only bullet proof solution” . Yet according to encryption specialists, only 44% of UK organisations actually apply it.

One of the reasons is the danger that a business might be locked out of its own data by a forgetful or vengeful employee, a problem when consumer encryption products are used within a corporate setting. “Business encryption suites include an emergency decryption key, which administrators can use to unlock data without coming to know the original password” .

Biometrics
Although integrated fingerprint scanners on laptops are becoming commonplace, not everyone is convinced of their capability. While they can be useful, they can also become a gimmick if solely used to control who can log into the operating system.

“Getting to the data within a stolen laptop is quite easy” “the thief just needs to open the device, remove the hard drive and connect it to another computer and copy the data off. All it requires is a screwdriver!” This doesn’t have to be the case, it’s “impossible with a HP notebook: HP drivelock protection marries the drive to the notebook via a unique password.” If you do go down the biometric route, make sure it’s genuinely useful.

A common sense conclusion
The best way for laptops to be kept secure is for their users to exercise some basic common sense. “Lock the screen when left on the office desk, store them somewhere safe when not in use at home”. “Even if their laptop is protected by a hundred levels of technical security, laptop owners should never let their guard down.”

Simple answers, simple questions
Authentication provides the answer, and there are 5 main solutions available:

1. Token/Fob (more commonly know as RSA SecurID)
The token has a unique 6-digit code which changes every 60 seconds. The code is recognised by software installed on your network and is your guarantee that the person who is accessing your data is the person you have authorised.
2. Mobile Phone
By issuing a one-time-use code via a text message, a mobile phone can perform the same function as an RSA-type token.
3. Smart Cards
You can program a smart card with your user’s unique credentials, be that a fingerprint or digital certificate.
4. Biometrics
The simplest for mobile users would be fingerprint-based biometrics, as manufacturers are already building the readers into laptops.
5. Proximity Authentication
A proximity solution uses a wireless receiver installed on the computer and a unique keycard, a radio transmitter carried by the user. When the keycard travels out of range, the computer is locked down automatically.

Permalink to this item - 13 Apr 2007