10 Steps to a Layered Approach to Laptop Security

For those of us with laptops here is a quick checklist from Absolute Software of best practices for protecting data on mobile assets:

1. Understand the risks. As organisations open up their networks to their mobile workforce, partners, customers and others, they expose themselves to greater security risks than when traffic was mostly internal.

2. Be proactive. If you cannot identify the weaknesses in your network’s security, someone or something will exploit those vulnerabilities. Educate yourself on current security risks, including the tools and techniques used by cyber criminals. Data security is a moving target that requires ongoing attention.

3. Use cable locks on laptops as visual deterrents. Most cable locks can be ripped off the plastic exterior of a laptop with a strong tug. Like ink-filled garment security tags in clothing stores, cable locks leave a mark when removed by force, but are ineffective at preventing many thefts.

4. Avoid leaving unsecured notebooks unattended. Lock them in cupboards, notebook carts or other secure facilities when not in use. If they must be left in a vehicle, they should be covered up or locked in the boot of your car.

5. Keep laptops inconspicuous. Laptops should be carried in inconspicuous carrying cases, such as backpacks or tote bags, instead of telltale laptop bags.

6. Install anti-virus software, encryption and firewalls. Prevent unauthorised access and protect valuable information with data encryption software. Keep all software products updated with the latest versions or patches to help minimise security holes. Ensure web servers, operating systems and line of business applications are fully patched.

7. Back up valuable data on a scheduled basis. Data backup needs to happen frequently to minimise the risk to the organisation in the event of loss.

8. Create a contingency plan. Identify possible damage should a breach in security occur; also consider how to serve stakeholders in the event of catastrophe. Contingency plans for security should be integrated with overall disaster recovery plans.

9. Use asset tracking and recovery software. Install an asset tracking and recovery tool such as Absolute Software’s ComputraceOne to track and recover computers that are lost or stolen, and monitor any changes or disappearances in computer memory, hard drives or peripherals.

10. Invest in advanced data protection. Use ComputraceOne to track fixed, remote and mobile computer assets and remotely wipe sensitive information in the event that a computer is lost, stolen or nearing the end of its lifecycle.