Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

11/3/2008
05:13 PM
Rob Enderle
Rob Enderle
Commentary
50%
50%

Laptop Security During the Economic Crash

Theft rates go up sharply when you have an economic crash. People are looking for items to take from homes and cars that are easy to transport and easy to sell. Laptops fall into this category because they are both small and easily sold -- especially if new, attractive, and one of the more desirable models. This suggests a number of best practices are necessary to ensure they don't walk off and, if they do, don't compromise the business.

Theft rates go up sharply when you have an economic crash. People are looking for items to take from homes and cars that are easy to transport and easy to sell. Laptops fall into this category because they are both small and easily sold -- especially if new, attractive, and one of the more desirable models.

This suggests a number of best practices are necessary to ensure they don't walk off and, if they do, don't compromise the business.Turn on the TPM and Encrypt the Data Store The most obvious first step is to turn on a laptop's Trusted Platform Module (TPM) and encrypt the directories that contain sensitive information. You don't have to encrypt the entire drive; doing so will substantially slow down the machine. If the laptop is stolen, and assuming the password remains secure, the information it contains should remain safe. If the laptop doesn't have a TPM, and Apple's laptops don't, then you'll need to use another tool, like FileVault, which is less secure but still wise to employ.

Implement LoJack For Laptops Absolute Software's Computrace and Phoenix Technologies' Failsafe (which includes encryption) offerings are marketed to OEMs and help recover stolen laptops. Both products are incredibly difficult to remove. For Mac users, Undercover performs a similar role. In all cases, these products notify you when a stolen notebook is connected to a network and, in some cases, transmit screen shots of what the user is doing. That can help to identify the thief or person who bought the hot laptop.

Implement Strong Multifactor User Log In If there were ever a time to dump passwords, this is it. Passwords are inherently unsafe. Properly implemented, a laptop that is aggressively secured with a combination of TPM and fingerprint reader or RSA Token can be much harder to configure to sell than one that is simply password-protected. Intel will soon be introducing a technology it calls Anti-Theft Technology (ATT) that will actually brick a stolen laptop much like high-end phones can be bricked by blocking their IMEI numbers. Since part of the problem is the laptop being stolen in the first place, a visible sticker that says the laptop has this technology and will be bricked if stolen will likely be an important deterrent; the best technology is one that prevents the theft in the first place. It is interesting to note there may actually be more value in the sticker than in the technology, but you'll need both or the sticker will be worthless. Employee Training Perhaps the most important best practice is to train your employees to keep their laptops out of sight if left in their cars and to avoid leaving them in places where they may be stolen. And enforce this training. In the home, laptops should be locked in a safe or secured with a Kensington lock if not in use. I also expect we will once again have folks walking through offices mining the laptops that are left unattended on desks. This suggests those laptops should either be locked in drawers, locked to the desks, or locked to docking stations.

This practice may actually trump many of the others if we are simply trying to avoid a theft in the first place. The careful employee is the safe employee. If employees are alert and careful, not only are their laptops safer, they and their families are safer, too, because catching a thief can often be worse than the theft itself.

-- Rob Enderle is President and Founder of Enderle Group. Special to Dark Reading.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/13/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14300
PUBLISHED: 2020-07-13
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in th...
CVE-2020-14298
PUBLISHED: 2020-07-13
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the co...
CVE-2020-15050
PUBLISHED: 2020-07-13
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.
CVE-2020-10987
PUBLISHED: 2020-07-13
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
CVE-2020-10988
PUBLISHED: 2020-07-13
A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device.