July 2007 / July 2007 - Preventing Laptop Theft

According to Safeware Insurance, over 600,000 laptop thefts occur every year, totaling an estimated $720 million in hardware losses and $5.4 billion in theft of proprietary information. With only 3 percent of all stolen computers recovered, laptop theft is a serious threat that can have widespread consequences for you and your business. In this month’s Tech Brief, we will discuss steps you can take to limit your risk of becoming a victim of laptop theft.

Password Policies

Enforcing a strong password policy for your company’s mobile users is a quick and simple way to give your mobile users an extra layer of security. Thrive Best Practices state that all passwords should be complex – meaning they should be at least 9 characters consisting of a mix of alphanumerics, wildcard symbols (ex: !, @, #), and upper and lower cases. If you have a domain-based network you can implement this across all users.

Mobile devices should have a password policy as well. Blackberry Enterprise Server and Goodlink allow you to force complex passwords as well as implement a lockout feature in which the device locks down after a certain amount of inactivity.

As with any password policy, common sense should prevail. Never reuse the same passwords, email them, or leave them written down in an easy-to-find location. If you have trouble remembering your passwords but would like to use strong password security, you should consider USB-based thumb drives which let you securely store and access passwords. Many end-users here at Thrive use Authenex thumb-drives for password storage. Contact Thrive for more information, or visit http://www.authworks.com

Data Encryption Software

To further protect your sensitive business data, you should consider implementing volume-level encryption software on all laptops. This software encrypts data stored on your laptop’s hard drive so if it’s ever lost or stolen, anyone trying to access it will find meaningless encrypted files. For authorized users, supplying a password at the beginning of each session will decrypt your data.

Microsoft has included a volume-level encryption feature in their Windows Vista Enterprise and Ultimate editions called BitLocker Drive Encryption. Bitlocker prevents both remote and offline access to files and systems by unauthorized users.

Physical Security Features

Although strong password policies and encryption software will help to prevent access to you data, physically securing your machine is the first line of defense against laptop theft.
Thankfully you have a variety of options when it comes to physical security.

• Laptop cable locks from companies such as Kensington and Targus are portable and prevent theft by securing your laptop to desks or tables.
• Biometric security measures such as fingerprint readers are some of the simplest yet effective means of theft protection. By just swiping your finger across a sensor, you can log on to your machine or access sensitive files or applications without having to worry about passwords. Many new high-end and business laptops are pre-equipped with biometric security measures; if you’re in the market for a new computer you may want to research those.
• Did you know that Lojack, the famous automobile theft protection service now comes for your laptop as well? Lojack for laptops is a software application which, if your laptop is ever stolen, it continuously notifies a monitoring center once an Internet connection is established. Lojack then works with law enforcement to recover your computer. Services start at $50 a year – more information can be found at http://www.lojackforlaptops.com

What Can Thrive Do To Help?

We realize that data is the lifeblood of our clients’ businesses. So for Thrive, securing that data and making sure unauthorized users can’t access it is one of our top priorities. For clients on our managed service platform, if a device is stolen there are a series of scripts we can execute to locate the laptop and destroy the common business files on the machine. This includes documents, pdfs, excel files, powerpoint presentations, and outlook-related data. Note that this won’t actually format the entire hard drive, but just files that could compromise your business data. After locating your laptop and removing common business files, Thrive will work with local authorities to recover your machine.

If you have any questions about laptop security or would like more information about the policies or products mentioned in this month’s Tech Brief, please Contact Thrive and we’ll help answer any of your questions.