Mobile security need not be expensive: here are 10 ways you can minimize the risks to your laptop at little or even no cost.
The security of your corporate data and the integrity of your company network are put at risk whenever you travel with a business laptop. Thats because the laptop is no longer protected by the physical security that your office provides, or the security systems designed to protect the software running on it. And any malware that gets on to your laptop has the potential to infect other devices on your network next time your laptop connects to it.
But mobile security need not be expensive: here are 10 ways you can minimize these risks to your laptop at little or even no cost:
1. Encrypt the hard drive
If your laptop is lost or stolen, anyone who gets their hands on it could steal your data, read confidential emails, communicate with your contacts, and possibly even connect to your corporate network and cause even more havoc. The best way to prevent this is to encrypt the laptops hard disk so that a password has to be entered before the computer will boot. This will also make your data inaccessible even if the hard drive is removed and connected to another computer.
For laptops running Windows Vista Ultimate or Enterprise you can use Microsofts BitLocker utility, included with the operating system, to encrypt the system drive. For other Windows, Linux and OS X systems the open source TrueCrypt
application will do the same job for free.
2. Use a VPN
Connecting to the Internet from a business center, Internet cafe or airport hotspot presents a serious security risk as these are environments where it is relatively easy to intercept your data. A VPN
encrypts all data before it leaves your laptop, and keeps it encrypted until it reaches a trusted environment such as your home or office network. If your company doesnt provide a VPN, try the free OpenVPN
. Simpler to use solutions include paid-for services like HotSpotVPN
which uses OpenVPN, or remote access services like GoToMyPC
, both of which use data encryption to connect your laptop back to a trusted office or home network.
3. Update and patch your software
Most operating systems allow you to download and patch your system automatically, so its wise to ensure that this option is enabled to prevent it being vulnerable to known exploits. (Most systems recently infected with the Konficker worm had had Windows update disabled.) You can check for updates to common Windows applications using Secunias online software
4. Run a firewall and anti-virus software
There is some debate about how necessary anti-virus software is on Macintosh and Linux laptops, but it is wise to err on the side of caution. At the very least you should ensure a firewall is running. ClamWin is a free anti-virus applications for Windows, available from http://www.clamwin.com.
Alternatively, use a portable security device such as the Yoggi Pico
USB security appliance which includes firewall, anti-spam and anti-virus scanners and intrusion detection on a device the size of a USB memory stick.
5. Bolt down your browser
If you use a Windows laptop, switching from Internet Explorer to Firefox means you are less of a target to hackers. You can enhance you security further by installing several add-ons, such as NoScript
which can protect you against cross site scripting and clickjacking attacks. We've recently provided more coverage about security add-ons
for Firefox, too.
6. Chain up your laptop
Most laptops have a security cable socket (known as a Kensington slot) which allows you to physically attach your laptop to a desk or table. While this may not be necessary most of the time, using a security cable is a sensible precaution at conferences or other busy environments where you may be distracted and unable to keep watch over your laptop all of the time.
7. Encrypt your e-mails
If you cant use a VPN then you should avoid using standard e-mail applications to connect to POP3 and SMTP servers that dont use encryption. If you do then your user names and passwords could easily be intercepted, making all your email from that moment on insecure. (This is not the case if your email servers accept SSL or TLS connection, however.) If your data is confidential it still makes sense to encrypt the contents using software such as the open source GNU Privacy Guard
(GPG) and the FireGPG
Firefox extension. We recently covered GnuPG-based e-mail security, if you'd like more information.
8. Keep your backup data secure
Keeping backup copies of important data and passwords separate from your laptop is always a sensible precaution in case your laptop is lost or stolen while traveling. To keep them secure ensure they are stored in encrypted form, ideally on a USB drive.
You can store files on an encrypted partition on a standard USB stick using the free TrueCrypt, as long as you can remember a long and secure password to protect it. For even more security you can secure files and passwords on a special USB stick like the IronKey The IronKey
includes a feature which causes the device to self-destruct if the wrong password is entered ten times in a row, effectively preventing brute-force attacks which involve trying millions of different password possibilities until the correct one is found, and therefore making shorter, more memorable passwords more secure.
9. Practice safe computing
A laptop connected to the Internet outside the corporate network is not usually protected from malware to the same extent that it is when inside the corporate firewall protected by network security appliances. For that reason it is especially important to avoid opening attachments or clicking on links in emails from unknown senders, or visiting untrusted web sites. Doing any of these things risks infecting the laptop with malware.
Laptop users also often carry their computers around in bags which are very obviously laptop cases, advertising to thieves that they have a valuable piece of equipment. It makes much more sense to carry your laptop in a plain bag or briefcase which is a much less tempting target to criminals.
10. Password protect
If you are not using your laptop, its best to shut it down completely. That way anyone who gets their hands on the machine will be unable to get past the security provided by BitLocker or TrueCrypt. However, protecting the machine from coming out of screen saver mode without a password provides some (weak) security against an opportunist who may get access to your laptop for a short period while your attention is diverted.This article appears courtesy of EnterpriseNetworkingPlanet.com.
|Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today! |