Securing your laptop

Written by Lila
Friday, 12 June 2009 09:07
Hits smaller text tool iconmedium text tool iconlarger text tool icon
I didn't think twice about security when I first bought a laptop. Then it got stolen. One day when I was picking up the kids from school, someone came into my house (uninvited) through an open window and took my laptop right off of my desk. I was gone for only 15 minutes When I got the replacement I stepped up my security and I suggest you look into it too!
.
Although the article is a few years old, the steps to take are still valid. Today I ran into a separate article that confirmed one of the very basic (step #9 below) and easiest steps you can take to get your laptop back. I've decided to share this article with you, along with my own comments and suggestions [in blue].
Oh yes... after the theft, I immediately signed up for www.lifelock.com. Luckily, nothing happened, but hopefully it will prevent problems if it does!
.
---
More than likely, your organization's laptops contain sensitive information that you can't afford to lose. But all too often, IT pros don't close the barn door until after the horse has escaped. You need to take steps to safeguard laptops and the information on them before you lose them. Here are the 10 most important steps you can take to secure laptops.
.
10. Never leave your laptop unattended—As in the data center, physical security is your first and best friend. If you leave your laptop unattended, even for just a few seconds, you're asking for trouble. Likewise, zip up your travel bag when your laptop is in it. In addition to preventing your laptop from accidentally falling out, zipping the case makes it much more difficult for someone to lift out that new ultraportable when your back is turned.
.
[I'm going to add that using a laptop case with the manufactures name emblazed on the side is basically screaming "steal me" when you're at a public place. I bought a silly looking pink backpack from Target that had a separate compartment for a laptop which was much cheaper than the standard laptop case (especially if you find one on sale). Not only does it NOT say "I've got a laptop in side of me, but it would be easy to spot walking down the hall when you start looking around when you notice it gone.]
.
9. Attach identification—Affix one of the several available commercial asset tags to your laptop, or at the very least tape your business card to the computer. Although it will usually be the first thing to go if someone actually steals your laptop, a tag can help prevent other business travelers from accidentally picking up the wrong laptop at the airport and can help you identify your computer if someone tries to walk away with it.
.
[This seems like a no brainer, but if your laptop disappears, it's gone for good, right? WRONG!!! I just found proof  that it might come back to you IF PROPERLY LABELED! The following article only talks about laptops, but just think how many cell phones and cameras are in the lost and found along with those 12,000 laptops a WEEK that end up in airport lost and found (and that's just airports).
.
The biggest problem here is how to label them so the labels last. Yes, you can tape your business card to it, but how long will that last? At one company who refused to shell out money for asset tags I used mailing labels, printed out basic contact info, and put it under the battery where it wouldn't get worn off, but what "lost and found attendant" is going to look under there (although when identifying it over the phone you could explain where the label is and then "oh... yep... it's here"). Sharpie's fade and regular paper labels wear off quickly. You could buy professional asset tags, but they can be expensive.
.
After much Googling, I found a place that gives away free (only $2.50 SH) golf club labels that actually work really well! They do have a sponsor website on them, but to be honest... I just cut it off. I put these on all of my electronics... my cell phone, my camera etc. For small electronics, the label is usually a bit big anyway, so I trim off the excess. You can also buy them without sponsor info for $9.95.
.
This is how I format them. First line is "Please Contact". Second line is my email address. Third line is my home number and fourth is my cell number. Why? So that when I put the label on my cell phone I can cut off my cell number (it's on the bottom) so a thief doesn't easily have my cell number when they have my phone.]
.
8. Invest in a cable lock—Almost all modern laptops are equipped with a security slot that lets you attach a cable lock. Cable locks are inexpensive and easily portable. You can use them to secure your laptop to a large object, such as the desk in your hotel room or even your desk at work. (Forty percent of all laptop theft happens at the office.)
.
[After my home incident, I recommend buying multiples. Have one at your desk at home (to prevent what happened to me), at your office and in your laptop bag to take with you. At the last office I worked at, the only laptop that disappeared in the 15 months I was there happened after hours and directly from the guys desk.]
.
7. Limit the sensitive information on your laptop—When you travel, you put your information at risk no matter how careful you are. If you must store sensitive files, don't give them names that immediately reveal their contents (e.g., MyPasswords.txt).
.
6. Password-protect the BIOS—All modern BIOS configurations support password protection. Although this protection can be circumvented, password-protecting the BIOS can prevent someone from changing the BIOS and from booting the system without using the password. Also, configure the BIOS to boot first from the hard drive.
. 
[This one might be tough for the casual user. With my first laptop I did a limited version of this, but once it was gone I wished I had gone a bit further. If I have recently helped you configure your laptop you will notice you have to type in a password before you type in your windows password. This is the BIOS password. I have researched Dell's BOIS password and found that it's very hard (but not impossible) to crack. Thing is, the harder you make it, the more secure your data will be.]
.
5. Use a Windows OS password—Many laptop manufacturers ship systems with the standard Windows Welcome screen and no password, leaving it up to you to protect your system. Your first step upon getting a new system should be to open Control Panel and click User Accounts. Select your user account and click Create a Password to password-protect the system. While you're in the User Accounts window, it's also a good idea to disable the Guest account.
.
[This is the standard Windows Password. If you don't currently have this setup, most users should be able to do this themselves. Here are instructions for XP users. http://www.microsoft.com/windowsxp/using/setup/winxp/accounts.mspx]
.
4. Don't automate VPN connection scripts—Most companies have set up VPNs so that traveling employees can access corporate resources. That's good, but it's also a good idea to require a manual logon for all VPN connections. Automated logons make it too easy for laptop thieves to gain access to corporate data.
[not an issue for most home users]
.
3. Consider tracking software—Some fairly new security applications enable your laptop to "phone home" if it's stolen. Some programs can report a laptop's physical location when it connects to the Internet; others can automatically delete sensitive data. Available products include AbsoluteSoftware's ComputracePlus (http://www.computrace.com) and zTrace Technologies' ZTRACE GOLD (http://www.ztrace.com).
.
[I will admit, I did have LoJack for laptops on my computer and never got it back, but I credit it to the little bit of security I did have and a lazy thief. LoJack gave me back my money when they couldn't trace it within the specified amount of time.]
.
2. Use EFS—Encrypting File System (EFS) can ensure that the sensitive information on your laptop stays private even if the device is lost. Windows XP's EFS lets you encrypt the sensitive data on your system, thus keeping data safe even if a thief installs a new OS to gain access to the computer.
.
[This is not for the casual user, but you can sometimes now order your computer pre-configured with encryption. Encryption is basically unbreakable. If you forget the password then forget about the data.]
.
1. Use a personal firewall—Losing your laptop isn't the only way to lose the information on it. If you're connected to a public network—or even an unfamiliar private network—your laptop and the data on it are potentially open to viruses as well as unauthorized access. Using Windows Firewall or another personal firewall, such as Zone Labs' ZoneAlarm, is the first line of security for protecting the data on your laptop from unauthorized network access.
.
[Windows does come with a firewall, but it is limited. ZoneAlarm is free, but many times your laptop can come with something pre-configured. You might also consider something like http://www.anonymizer.com/ which is in addition to a firewall. I have used this before. There are other ways to secure your computer, but this email is more about physical loss and data loss then security in general.]
.
0. Have a backup—Okay, this wasn't in the article, but I think it's very important. Have a backup system in place in place. I have two (well, I actually have three or four, but it's basically just multiple duplications of the first suggestion). Luckily, since my laptop was backed up I didn't loose anything. My only loss was the hardware and hoping I didn't get my identity stolen because of the data on the computer.
.
The first way you can backup is an external hard drive plugged into your computer. Get one at least the size of your internal HD, but better to get one much bigger so you can have multiple backups. Then I use a free software called Cobian Backup. It copies your files, file for file, to the external hard drive on what ever schedule you prefer (daily, weekly, monthly) and it will keep how ever many copies you have room for. I've been using it since at least 2002 and it's absolutely fabulous. I use this for every one of my small clients and friends that I help.
.
Okay, so that's great, but what if your house burns down or floods, the hard drive gets stolen or otherwise breaks down (and yes, I have had two hard drives fail simultaneously at the most inopportune time). For that you need a second, off site backup. Big corporations use a second location on the other side of the planet and/or an offsite disaster proof facility to store their tapes, but what individual has money for that? Recently a service called "Carbonite" came out that is reasonable and affordable for everyone. You can backup an UNLIMITED amount of stuff for only $50 a year. Of course they have all of the security that you can't afford. There are other services, I used Mozy for a while, but I like Carbonite better. If I refer friends you can earn free months, but you have to send an email to them to be referred. Ask me and I'll send you a referral... I've setup two or three people with Carbonite already and I keep forgetting the referral (damn).
---
Obviously I can't pretend that this is the end all of computer security, but if you plan ahead, loosing your laptop won't be as devistating as it could be.