September 21, 2000 06:21 PM

Laptop Security: Be Deliberate

Rating: (0)
Mark Joseph Edwards
Windows IT Pro
InstantDoc ID #15653

Laptops are commonplace today and so is their theft. But losing the computer often doesn't matter as much as losing the data it contains.

Case in point: Qualcomm's chairman and CEO recently gave a speech to the Society of American Business Editors and Writers at the Hyatt Regency Hotel in Irvine, California. After his speech, numerous journalists gathered around to ask questions. During that brief time, he was never more than 30 feet from his laptop, yet someone managed to steal it. The laptop contained some of Qualcomm's most valuable trade secrets (reported to be worth millions), which are now in the thief's hands.

News reports indicate the laptop was running a Microsoft OS and required a password to access its files, but the OS had no file encryption in place. In one report, the executive openly commented that he hoped Microsoft's password protection would prevent access to the laptop's data. But certainly you realize someone can access the laptop's files without a password. For example, a person can use an NTFS book disk if the laptop uses that file system, or someone can simply install a new OS, boot it, log on, and access the data.

The need to protect portable computing platforms is obvious in this light. Not only must you guard the device at all times, you should also consider some form of disk encryption to protect against a worst-case theft scenario.

If you prefer the Windows platform, consider adopting Windows 2000 for systems that store sensitive information. The new OS contains an Encrypting File System (EFS) that uses public key technology to guard files. Without the private key, users can access the file system only through an account that has been authorized as a private key recovery agent. Learn about EFS and some best practices by clicking here. You can also find two articles on our Windows 2000 Magazine Network written by Mark Russinovich that explain EFS in detail. Search for "Encrypting File System" to locate the articles quickly.

Also, be aware of a nuance to the EFS utilities, which Windows 2000 Magazine contributing editor Kathy Ivens recently discovered: EFS documentation states that read-only files won't be encrypted. However, Kathy found that in one scenario, read-only files are encrypted. If you use the Properties dialog in Windows Explorer to mark a folder encrypted, a message asks whether you want to encrypt all subfolders and files. If you choose not to do so, all files in the selected directory, including any read-only files, will be encrypted. This does not occur with the command line EFS utility Cipher.exe. We alerted Microsoft about this matter, and the company intends to clarify the nuance in the documentation.

If you prefer not to rely on EFS to protect your data, consider the encryption solutions other security vendors offer. You can find several listed on our Windows 2000 Solutions Shopper site. Search for "encryption" to find related security products.

Also, consider using a laptop cable lock to secure the device when you can't guard it closely. In addition, you might want to install a utility such as Stealth Signal that can "phone home" when connected to the Internet to report a system's IP address, which you can use to help locate a stolen system. Until next time, have a great week.

ARTICLE TOOLS

Want to use this article? Click here for options!

Add a Comment

Yes, it does - you can get it at http://www.absolute.com/

Rupert8/6/2009 8:39:56 AM

I know a lot of software companies now have BIOS level software that will reinstall itself, even if the OS is installed. I believe CompuTrace does this with it's security software.

Darnell4/21/2009 8:20:52 AM

Correct me if I'm worng, but the software-based "Phone Home" type of security will only work if they:
1) connect to the internet first
2) then attempt to log on.

If they attempt to log on without connecting to the internet, they most likely will reload the operating system to get use of the laptop and you will lose your software-based tracking solution.

Anonymous User 12/29/2004 1:18:03 PM

You must log on before posting a comment.

Are you a new visitor? Register Here

advertisement

advertisement

GOOGLE LINKS
SPONSORED LINKS
FEATURED LINKS

eBooks

Playbook for a Virtualized Datacenter | During challenging times, optimizing the IT infrastructure becomes imperative. Many organizations are looking to extend their virtualization efforts to encompass the entire datacenter. Get a step-through of your technology options and more.

White Papers

As the advances in USB devices have made them invaluable to most business users’, they have also exposed organizations to enormous risks. Learn how to easily enforce device/port control and data encryption policies without requiring new infrastructure and additional admin overhead.

WEB SEMINARS

Is Flexible Lockdown Possible? Join Darren Mar-Elia for this free web webinar exploring the various methods you should consider to protect and control your desktops while also understanding the impact on the end user community.
View Seminar On-Demand.

eLearning Series

We bring the experts direct to you to share their real-world perspective, experience, and expertise. During each event, three sessions stream in real time, allowing you to learn, to ask questions, and to get solutions.
Upcoming event: Windows 7 Deployment

Subscribe to Windows IT Pro!

DevConnections ITTV Left-Brain SharePointPro Connections SQL Server Magazine SuperSite for Windows Windows IT Pro

© Penton Media, Inc.

Home About Us Advertise Customer Service Privacy Statement Subscribe/Renew Terms Of Use

Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.