Laptops
increasingly raising data security concerns
by
Alan Zisman (c) 2006 First published in
Business
in Vancouver May 30-June 5, 2006; issue 866
When
computer backup tapes containing 77,000 personal medical files were
accidentally auctioned off, the BC government did the right thing and
tightened regulations in hopes of preventing a reoccurrence of the
incident.
Laptop
computers, however, are far more prone to theft or loss. And when the
laptop is gone, so is all the data on the hard drive.
At
almost the same time as the B.C. backup tape mishap was discovered, a
laptop belonging to a Boston-based Fidelity
Investments employee went
missing at an off-site business meeting. On it was a database file with
names, social security numbers and personal financial data of almost
200,000 HP employees belonging
to retirement plans managed by Fidelity.
Increasingly
popular with both business users and consumers, laptops now account for
over half of the computers bought in the U.S. and Canada. They’re also
increasingly popular targets for theft; 318,000 laptop thefts were
reported in the U.S. in 2003. Vancouver-based Absolute Software notes
that a laptop is stolen every 53 seconds.
You need two levels of protection: one for the
laptop, another for its data.
Get a laptop lock and use it.
Is
a briefcase visible in your parked car? Bad idea. Don’t leave the
laptop out on the desk when you leave your office in the evening. Lock
it away in a desk or filing cabinet drawer. A non-descript briefcase or
backpack is a better choice than a custom carrying case that screams
“laptop inside.” And keep your eye on your laptop at all times as it
goes through airport security checks. Engraving your driver’s licence
number on the bottom can help identify it in case of loss. Keep a
record of the laptop’s serial number in a separate location. Consider
having an asset recovery tag – a small metal ID – super-glued to your
laptop (www.securitrac.com
or www.stoptheft.com).
A
service like Absolute Software’s CompuTrace, once installed onto your
laptop, automatically contacts a monitoring centre, allowing it to be
located if lost or stolen.
Keeping
current backups of your data will ensure that anything lost on a stolen
laptop is replaceable. But you can also make sure that data on your
laptop’s hard drive is not easily read.
Set
up your laptop to require a valid user name and password at log-in.
Disable the guest account and make sure the administrator account
requires a password. If you’re running Windows XP Home Edition, this
can be a bit of work; Home Edition hides these basic security features
to make it “friendlier” for consumers.
Encrypt
your data files; many applications, including the various Microsoft
Office components include the option to password-protect files when you
save them. Mac OS X users can easily encrypt all personal documents by
turning on that operating system’s FileVault feature. Windows 2000 and
XP (Professional only) users can right-click a file or folder icon,
choose Properties and then click the Advanced button to find an option
to encrypt contents.
For
both Mac and Windows XP users, files are automatically decrypted when
you’re logged in, but the data is unavailable to any one else accessing
your computer.
Maybe
you should only be accessing vital files across your network. Your IT
department may be able to set up a virtual private network to allow you
to log in from home. Or keep the files (in encrypted format) on a USB
memory key and keep that device separate from the laptop when you’re
not using it.