Our free e-newsletter reviews best practices in risk management.
Have you ever left your laptop computer unattended - in a coffee shop, a hotel room,
a car or while talking on the telephone?
Mobile devices can store vast amounts of sensitive personal, company and client information that must be kept secure...
If you have ever left your laptop unattended, you have risked releasing sensitive personal, client and company information. So keep your laptop at your side in full view, where it can’t be stolen. And before leaving a laptop behind in a hotel room, attach a locking security cable to the Universal Security Slot (USS) and wrap the cable around an immovable object. For laptops that do not have a USS (approximately 80% of laptops have a USS slot), you can purchase adhesive connectors that mount directly to your laptop casing.
Following are additional security tips:
Secure all company laptops. Do you know where your company’s laptop computers are? You should. When not in use, laptops should be kept behind a locked door. Weekly audits are a bare minimum. Develop and publish company policy regarding who can remove laptops from company premises and when they can do so. Keep a login/logout sheet. Make sure staff understands security protocol for any laptop that has been removed from the office.
Back up files. You may have been a sure handed starting shortstop for your high school baseball team, but still you could drop your laptop when you are on the road. Or even lose it. Before removing your laptop from your office, back up your files. Advise staff regarding this requirement.
Sharing laptops is not a virtue. Never allow another person to use your laptop to check personal e-mail, driving instructions, a weather forecast or any other information. What are the risks? The user could attach sensitive files stored on your computer to an e-mail that is sent to his own address. Also, the user could visit websites you would prefer were not added to your history.
Beware of unintentional piggybacking. Many of us have done it, scanned for an open wireless network signal when trying to logon to the Internet with a laptop computer. It could also be done unintentionally, though, and this could spell trouble.
How could this happen? Many wireless access points – hot spots -- are configured without encryption by default, and commonly used operating systems such as Windows XP SP2 and Mac OS X may be configured to automatically connect to any available wireless network. What’s more, while intending to join one network you may instead join another one with a stronger signal.
However it happens you could potentially send sensitive data to the wrong middleman when seeking an internet destination. For example, you could unintentionally use an insecure network to login to a website, thereby making your login credentials available to anyone who might be listening, if the website is using an insecure protocol like HTTP, rather than a secure protocol like HTTPS.
The bottom line: When accessing the Internet through a wireless network, check your network settings to make sure you are connecting through your intended wireless network.
Following are additional security tips:
Secure all company laptops. Do you know where your company’s laptop computers are? You should. When not in use, laptops should be kept behind a locked door. Weekly audits are a bare minimum. Develop and publish company policy regarding who can remove laptops from company premises and when they can do so. Keep a login/logout sheet. Make sure staff understands security protocol for any laptop that has been removed from the office.
Back up files. You may have been a sure handed starting shortstop for your high school baseball team, but still you could drop your laptop when you are on the road. Or even lose it. Before removing your laptop from your office, back up your files. Advise staff regarding this requirement.
Sharing laptops is not a virtue. Never allow another person to use your laptop to check personal e-mail, driving instructions, a weather forecast or any other information. What are the risks? The user could attach sensitive files stored on your computer to an e-mail that is sent to his own address. Also, the user could visit websites you would prefer were not added to your history.
Beware of unintentional piggybacking. Many of us have done it, scanned for an open wireless network signal when trying to logon to the Internet with a laptop computer. It could also be done unintentionally, though, and this could spell trouble.
How could this happen? Many wireless access points – hot spots -- are configured without encryption by default, and commonly used operating systems such as Windows XP SP2 and Mac OS X may be configured to automatically connect to any available wireless network. What’s more, while intending to join one network you may instead join another one with a stronger signal.
However it happens you could potentially send sensitive data to the wrong middleman when seeking an internet destination. For example, you could unintentionally use an insecure network to login to a website, thereby making your login credentials available to anyone who might be listening, if the website is using an insecure protocol like HTTP, rather than a secure protocol like HTTPS.
The bottom line: When accessing the Internet through a wireless network, check your network settings to make sure you are connecting through your intended wireless network.
