Home page logo

basics logo Security Basics mailing list archives

Re: Laptop security
From: dlandru () austin rr com
Date: 23 Feb 2007 16:55:39 -0000

There are a couple of things you add to your policies:
1) Don't generally allow customer data to be stored on laptops. If it is necessary, limit the amount of data stored and 
have the person's manager authorize the storage of the data.
2) ensure the data is encrypted.
3) In cases where something does happen, you need to know what and who's data was lost.  So keep a list copy of the 
data on a local server and have it updated frequently (backup).  You can also keep copies of the data types and who's 
data, such as clearing the contents in a spreadsheet of the data except for the column names and names of the 
customers.  Then you have who's data and the types of data, but not the actual data itself in a backup copy on a local 
4) Have periodic reviews and purge data that is old.  People have a tendency to keep everything. But in the case of 
client or customer data, that is a bad thing, especially if it gets lost.

This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your 
enterprise with BigFix, the single converged IT security and operations 
engine. BigFix enables continuous discovery, assessment, remediation, 
and enforcement for complex and distributed IT environments in real-time 
from a single console.
Think what's next. Think BigFix. 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]