Home page logo
/

basics logo Security Basics mailing list archives

Re: Laptop security
From: "kevin fielder" <kevin.fielder () gmail com>
Date: Thu, 22 Feb 2007 11:00:35 +0000

Hi Badhri

For most businesses the data on laptops is the most valuable thing.  You
mention Data encryption, just to clarify, the best method is to use a
whole disk encryption product, as that ensures there can be no
unencrypted temp files etc.

Someone has already mentioned Kensington locks - we have a policy that
states these have to be used anytime the laptop is in use regardless of
whether the user thinks they will be staying at their desk or not, and
regardless of the location.

Some form of asset tag that leaves clear marks if it is removed - this
wont stop the laptop being stolen, but will make it quite obvious that
it is a stolen laptop to anyone looking at it.  It's worth noting that
asset tags should not identify the company in any way, and any contact
details should also be anonymous - e.g. set up a non company email
address to contact if the laptop is found.  While this may sound
strange, if your laptops are easily identifiable as coming from your
company they may be targeted (e.g. if you are a financial institution
and the thief things there may be customer data on the laptop).

In addition to user awareness publish a laptop use policy that is backed
by the highest levels on management which includes things like always
locking the laptop to the desk, never leaving it unattended while
travelling, not leaving it in the car overnight etc.

Cheers

Kevin


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of unknown hacker
Sent: 20 February 2007 22:45
To: Badhrinath S
Cc: security-basics () securityfocus com
Subject: Re: Laptop security

I'd recommend ensuring you make a note of the MAC address associated
with the machine, and getting friendly with the tech crime group of your
local law enforcement.  I'd also make enquiries with your local service
providers to see what their DHCP log retention is like.  If you play
your cards right and a laptop is stolen, you may be able to submit the
MAC to the service providers and have them search their logs for any
hits from it.

You may also want to look into an agent of some kind that contacts your
company during boot up which may also help during investigation.

Cheers,

Tremaine Lea
Network Security Consultant


On 19-Feb-07, at 10:39 PM, Badhrinath S wrote:

> Hello all,
>
>  Apart from data encryption, insurance and user awareness can anyone
> let me know other risk mitigation policies against laptop theft ?
>
> --
> Thanks
> Badhri
>
>



---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix.
http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]