Re: Laptop security

Hi Badhri

For most businesses the data on laptops is the most valuable thing. You
mention Data encryption, just to clarify, the best method is to use a
whole disk encryption product, as that ensures there can be no
unencrypted temp files etc.

Someone has already mentioned Kensington locks - we have a policy that
states these have to be used anytime the laptop is in use regardless of
whether the user thinks they will be staying at their desk or not, and
regardless of the location.

Some form of asset tag that leaves clear marks if it is removed - this
wont stop the laptop being stolen, but will make it quite obvious that
it is a stolen laptop to anyone looking at it. It's worth noting that
asset tags should not identify the company in any way, and any contact
details should also be anonymous - e.g. set up a non company email
address to contact if the laptop is found. While this may sound
strange, if your laptops are easily identifiable as coming from your
company they may be targeted (e.g. if you are a financial institution
and the thief things there may be customer data on the laptop).

In addition to user awareness publish a laptop use policy that is backed
by the highest levels on management which includes things like always
locking the laptop to the desk, never leaving it unattended while
travelling, not leaving it in the car overnight etc.



-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of unknown hacker
Sent: 20 February 2007 22:45
To: Badhrinath S
Cc: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: Laptop security

I'd recommend ensuring you make a note of the MAC address associated
with the machine, and getting friendly with the tech crime group of your
local law enforcement. I'd also make enquiries with your local service
providers to see what their DHCP log retention is like. If you play
your cards right and a laptop is stolen, you may be able to submit the
MAC to the service providers and have them search their logs for any
hits from it.

You may also want to look into an agent of some kind that contacts your
company during boot up which may also help during investigation.


Tremaine Lea
Network Security Consultant

On 19-Feb-07, at 10:39 PM, Badhrinath S wrote:

> Hello all,
> Apart from data encryption, insurance and user awareness can anyone
> let me know other risk mitigation policies against laptop theft ?
> --
> Thanks
> Badhri

This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console.
Think what's next. Think BigFix.;82309979;15562032;o?

Relevant Pages

  • RE: Laptop security
    ... One of the biggest exposures to your corporation and network is when laptop reconnect to your corporate network. ... An unrelated question on laptop security but would be glad if someone could ... BigFix ...
  • RE: Laptop security
    ... Cached domain profiles. ... An unrelated question on laptop security but would be glad if someone ... BigFix enables continuous discovery, assessment, remediation, ...
  • RE: Laptop security
    ... An unrelated question on laptop security but would be glad if someone could answer. ... BigFix ... the single converged IT security and operations engine. ...
  • RE: Laptop security
    ... Besides best practices suh as Keningston Cable security lock, ... parity encryption, admin user renamed, a very effective way to prevent ... "lost" their laptop then they should pay for the value of the laptop. ... BigFix ...