In a perfect world, data security would not be necessary. However - in case you haven't
noticed - this is not a perfect world.
How can you protect your notebook?
First, the obvious:
RULE NUMBER 1: Don't leave your notebook vulnerable to theft.
Remember the Desert Storm operation? Well, before the battle started,
there was a British Air Force Officer who left his notebook computer unattended in his
car. That computer held top secret attack plans. Guess what? The computer was stolen.
After news reports about the incident aired - the computer was returned by the
recalcitrant thief. His comment was that he was a "thief and not a bloody spy."
(The unfortunate officer in question was demoted.)
You may not have vital attack plans on your portable computer - but what you do have may
be just as valuable to you and your organization. So ... first line of defense: Don't
leave your computer where it is an "attractive nuisance."
Of course - you can't have your computer with you all the time - and let's
face it - secure rooms or steel safes are not at every street corner or hotel
establishment. So ...
RULE NUMBER 2: Lock your computer to a stable physical fixture.
Like the radiator in your hotel room. How do you lock it? Buy a security cable kit.
They come in black or beige or gray to match the color of your notebook. The kit consists
of a steel pad which is affixed to your notebook via a special adhesive. A security cable
runs through the pad, and a lock attaches to the loop at the end of the cable. You pass
the cable through an immovable fixture, then lock it. A thief will need anywhere from 5 to
15 minutes to cut through the cable. And most thieves won't wait around that long. (Many
computers today even come with locking hardware built in - ask your distributor if your is
such a model.)
Along with this - you can purchase the small hand held motion alarms available in many
electronic shops. Stick a piece of velcro on your computer - stick it's mate onto the
alarm. Attach the alarm to the computer, set it - and then if the computer is moved - it
will be polite enough to scream for help.
OK - some thief really wants your notebook - and finds a way to get it off your hands and
into his. What then?
RULE NUMBER 3: Encrypt the hard drive!
There are several real time (on the fly) hard drive encryption programs available. They
function by encrypting each byte of the hard drive. Once the hard drive is encrypted - the
user needs to enter a password to access the computer. No password - no access. Even if
someone were to try and take your hard drive for an unauthorized spin - without the
password - no information could be gathered. Even if the hard drive was searched sector by
sector with a utility program - all the thief would see would be garbage characters. I
hate to say this but .... PLEASE DON'T WRITE YOUR PASSWORD ANYWHERE ON THE COMPUTER! You
would be amazed how many people do just that. They are the same people who leave their
passwords under the keyboard or mouse pad - just in case they forget it! Which brings us
to:
RULE NUMBER 4: Choose a strong password.
By strong I mean one that you can remember but would be hard for a hacker to guess.
Don't choose your car's license plate - or your birthday - or your wife's name - or your
dog's name - or - well you get the picture. Don't choose "cultural icons"
either. That means Superman is out. Conan is out. Asterix (for my
German friends) is out. (When I was in Germany, there was a very well known shipping
container firm that used all the famous Asterix character names for their passwords
(Asterix, Idefix, Obelix, etc...) Needless to say, one day they received some bad
news - someone had hacked their system. I wonder how the Hackers managed to guess the
right passwords?
RULE NUMBER 5: Double encrypt very sensitive data.
On the fly hard drive protection is secure - but in order for the software to function
- a loss of speed occurs. Usually this loss of speed is hardly noticeable. However, if the
encryption techniques were made more secure - the loss of performance would be very
noticeable. Get a good encryption product that does one thing - secure your files. You
don't need a dog and pony show program. You need one that will make your data all but
impervious to attack. (We will let you know what programs are the best - but not here.
Please read the last paragraph.) Oh yes - choose a different password than the one you use
to access your computer.
(What if you forget your password/s? With a good program - there are no "back
doors". Unless you have deposited a copy of your password with your lawyer or left a
copy in a safe deposit box - you are, sorry to say - out of luck.)
RULE NUMBER 6: Get and Install a virus protection program - Now!
If you don't already have a virus protection program, get one and install it now! I
don't care if you only download files from your Grandmother's Web site, or use only
factory sealed shrink wrapped floppies. That's no excuse. Without a virus program that has
a real time monitor, a full featured virus scanner and an automatic file scan when
downloading executables from the Internet - you are just playing with fire. You will get
burned. You have been warned.
These are the minimum security measures that you should take. Following them will make
your data secure to all but the most determined - not to mentioned intelligent and well
financed - thief or hacker. You can rest assured that your private information will remain
just that - private.
LAST PARAGRAPH: I have not mentioned specific programs for a reason.
Doing so would constitute an endorsement of a particular company or product. However ....
if you would like to have my personal opinion of the best products to get - just drop me
an e-mail with your needs. I'll let you know what I use - you can take it from there.
Please note that no warranties are made with my suggestions. Just because I use them,
doesn't mean that they will be suitable for you. (Yea - I know - this is a disclaimer.
I hate them as much as you. If this was perfect world, no one would need disclaimers.
However ....)
Just how imperfect a world is it? Click here for the latest
CSI-FBI Security Breach Study highlights.
Please E-Mail us with your
questions or comments
Safe computing! (Click here for Part 1)
© 1999 - 2004 Enterprise Information Management, Inc.
Email : contactus@eiminc.net
Revised: February 28, 2004.