Posted on Thursday, August 3, 2017
Laptop computers give employees more freedom and flexibility. With current files at their fingertips and Internet access ports readily available in homes, offices, hotels and airports, users can literally work from almost anywhere in the world. But laptop computers come with some real security baggage. The portability that makes them so practical also makes them a prime target for burglary.
In most cases, laptops are stolen for black market resale of the computer or its parts. However, in some cases thieves know what information a system is likely to store-as well as the street value of the sensitive data. Apart from losing an expensive piece of equipment, laptop theft can put sensitive information in unknown hands and provide an open door to DND systems.
Where is laptop theft most likely to occur? Criminals, foreign agents and opportunists are known to scout certain venues for unattended laptops: airports, public restrooms, payphones, lounges and restaurants, automobiles, home and work places. If that seems to suggest your laptop is never safe alone, you’re getting the message.
How can I protect my laptop? Vigilance is the key to laptop protection. If you use a laptop in your office, lock the door and put the laptop out of sight when you have to leave the room. Lock it in a secure container or take it with you when you leave for the night.
Use extra caution when you are on the road. Maintain physical contact with your laptop-particularly in public places such as airport lounges, bus terminals, taxicabs and restaurants. Never leave a laptop in plain view in your hotel room.
It’s a good idea to arm your laptop with locking cables and alarm devices but these should be considered deterrents-not foolproof protective measures.
What about my data? Many Department of National Defence (DND) employees keep sensitive data-either their own or that of collaborators-on laptop computers. Encryption software helps safeguard your information and reduces the risk of disclosure if the laptop is stolen.
Choosing secure passwords is equally important. It’s a good idea to employ the password function in the screen saver and to password protect sensitive files. Resist the temptation to use the same set of passwords on your laptop and desktop computers.
Make sure your laptop doesn’t contain the only record of your work. Always create back-up files and store them in a separate location. If you use your laptop at the office, download current files to DND servers on a regular basis. When you’re on the road, carry back-up copies on disks and keep them in your suitcase.
Finally, don’t forget that laptops are just as susceptible to infections and often store hidden information. Make sure you keep up-to-date virus detection software on your laptop. Never assume that deleting a file has completely removed the information from your laptop. Many applications embed data or retain deleted information within files. Using the ‘Delete’ key removes obvious pointers to the information but serious hackers may still find traces of the data on the hard drive.
Keeping interlopers from accessing DND systems via your laptop requires awareness and action. Laptop users need to be aware that some Web sites collect information from visitors-information that can be exploited by others to mimic your identity and gain access to NRC systems. Talk to your ISSO to find out how to remove hidden and residual information from your laptop.
What if my laptop is stolen? Report stolen laptops to your local Military Police: they will handle the investigation. By being prepared for the worst, you can make their job easier. Keep the following information on file in a separate location to help them trace and identify your computer.
• The make, model and serial number of your laptop.
• A description of physical characteristics such as size, colour or other unique features.
• Any DND (Information Technology) IT Asset tag number.
Change your passwords: seemingly innocuous items (i.e. a business card in your laptop carrier) make it easy for thieves to follow the trail to your desktop workstation and gain access to DND systems.
Notify any parties-colleagues, industry partners, etc.-who may be impacted by the theft.
Act quickly to complete all of the above. The longer the incident is left unreported, the greater the chances the thief will get away with your system and potentially gain access to the information it contains.