11/3/2008
05:13 PM
Rob Enderle
Commentary

Laptop Security During the Economic Crash

Theft rates go up sharply when you have an economic crash. People are looking for items to take from homes and cars that are easy to transport and easy to sell. Laptops fall into this category because they are both small and easily sold -- especially if new, attractive, and one of the more desirable models.

This suggests a number of best practices are necessary to ensure they don't walk off and, if they do, don't compromise the business.

Turn on the TPM and Encrypt the Data Store

The most obvious first step is to turn on a laptop's Trusted Platform Module (TPM) and encrypt the directories that contain sensitive information. You don't have to encrypt the entire drive; doing so will substantially slow down the machine. If the laptop is stolen, and assuming the password remains secure, the information it contains should remain safe. If the laptop doesn't have a TPM, and Apple's laptops don't, then you'll need to use another tool, like FileVault, which is less secure but still wise to employ.

Implement LoJack For Laptops

Absolute Software's Computrace and Phoenix Technologies' Failsafe (which includes encryption) offerings are marketed to OEMs and help recover stolen laptops. Both products are incredibly difficult to remove. For Mac users, Undercover performs a similar role. In all cases, these products notify you when a stolen notebook is connected to a network and, in some cases, transmit screen shots of what the user is doing. That can help to identify the thief or person who bought the hot laptop.

Implement Strong Multifactor User Log In

If there were ever a time to dump passwords, this is it. Passwords are inherently unsafe. Properly implemented, a laptop that is aggressively secured with a combination of TPM and fingerprint reader or RSA Token can be much harder to configure to sell than one that is simply password-protected. Intel will soon be introducing a technology it calls Anti-Theft Technology (ATT) that will actually brick a stolen laptop much like high-end phones can be bricked by blocking their IMEI numbers. Since part of the problem is the laptop being stolen in the first place, a visible sticker that says the laptop has this technology and will be bricked if stolen will likely be an important deterrent; the best technology is one that prevents the theft in the first place. It is interesting to note there may actually be more value in the sticker than in the technology, but you'll need both or the sticker will be worthless.

Employee Training

Perhaps the most important best practice is to train your employees to keep their laptops out of sight if left in their cars and to avoid leaving them in places where they may be stolen. And enforce this training. In the home, laptops should be locked in a safe or secured with a Kensington lock if not in use. I also expect we will once again have folks walking through offices mining the laptops that are left unattended on desks. This suggests those laptops should either be locked in drawers, locked to the desks, or locked to docking stations.

This practice may actually trump many of the others if we are simply trying to avoid a theft in the first place. The careful employee is the safe employee. If employees are alert and careful, not only are their laptops safer, they and their families are safer, too, because catching a thief can often be worse than the theft itself.

-- Rob Enderle is President and Founder of Enderle Group. Special to Dark Reading.
