- Foiling Thieves
- Sounding the Alarm
- Preventing Data Theft from Laptops
- Maintaining Your Laptop's Value
- Further Information
Like this article? We recommend
Like this article? We recommend
Like this article? We recommend
Preventing Data Theft from Laptops
Although the cost of losing the laptop hardware itself can be very high (the cost of the laptop itself and any peripherals and equipment can be many thousands of dollars), the loss of software and data on the laptop and the potential embarrassment, exposure, and liability that result from the loss of confidential corporate and client data can be far more expensive. What's more, these can be stolen or misused whether or not the laptop itself is also stolen. Therefore, it is vital to take measures to prevent data theft.
Protecting Data
A common method used to protect data stored on a laptop in the past was to set the BIOS password. A thief cannot log into the machine without this password. However, although this is an effective deterrent, it is not failsafe: It is possible to reset most BIOS passwords simply by removing the battery for 24 hours.
NOTE
See the documentation with your laptop to find out how to set the BIOS password. Usually Delete, Esc, F1, or one of the other Function keys gets you into BIOS at system startup. You will see an option available to set the security password.
For laptops on which this does not work, there are products and services available for resetting the BIOS password using other methods. These are useful if you are the legitimate owner of a laptop and have forgotten the password, but they're also useful to the potential thief of your data.
Other data-theft deterrents (again, not failsafe methods, but certainly ones that make the potential thief's task a lot more difficult) include using disk-drive locks to prevent unauthorized disks from being inserted into the laptop, and using strong software and network passwords.
A strong password is one that is not easily guessed and, preferably, consists of a mix of letters and numbers. Do not write down the password or stored it anywhere on or near the laptop.
Don't forget to disable autologon on your PC—see the Microsoft article "5-Minute Security Advisor: The Road Warrior's Guide to Laptop Protection" for the details of how to do this.
The most reliable method of ensuring that data cannot be stolen is to use one of the products on the market that specialize in encrypting or hiding data (or both).
For general purposes (aimed at purely making things more difficult for the average thief), some excellent free/cheap encryption software options are available, including PGP (pretty good privacy) and Windows features, such as the Encrypting File System (EFS).
Using Windows Encryption (EFS)
To encrypt a file or folder using EFS, simply right-click on a file in Windows Explorer, select Properties, and then, on the General tab, select Advanced and check the Encryption option for that file or folder.
From that point on, only your user can read the contents of that file or folder; other users cannot do so until it has been decrypted. Therefore, a thief would need to know or guess your password or crack the encryption key before he could view your file or folder. A truly determined thief might get around these deterrents, but most thieves would not get access to your files.
Some more advanced security products (such as XTool Data Protector) can enable you to encrypt, hide, and back up data, all in one product.
It is important to recognize that no matter how secure your data is within your laptop, once it leaves your laptop to travel over a network or the Internet, it could be vulnerable to network sniffing. Deter data theft via the network (particularly the wireless network) by using VPN/encryption solutions to enable your mobile workforce to access the network.
Also be sure to write down the make, model, and serial number of your laptop so that if it is stolen, you can provide it to the police straight away. Do not waste any time: Report a theft to the police immediately.
For more tips on how to avoid laptop theft, see the Washington, D.C., Police Department's tips at http://mpdc.dc.gov/info/consumer/laptop_theft.shtm.
Backing Up Data
In case you are subject to a malicious attack (such as a virus) on your data rather than actual theft, back up all your work regularly and store the backup in a separate location from your laptop. Of course, backing up your data also protects you from yourself: If you accidentally delete an important file, all is not lost!
However, be aware of the limitations of traditional backup methods, especially for Road Warriors. Simply backing up data to zip drives, MP3 players, or CDs is often unreliable: CDs and zip disks can be lost or might not be available at the time they are needed.
If you have to be sure that you can restore data that was backed up, products such as DataVault 2.0 now offer extremely effective online off-site backup/recovery and storage services. These services enable you to quickly and easily back up data to their backup servers. You can feel safe knowing that the data was encrypted before it even left your laptop and that built-in redundancy nearly guarantees that this data will be available later.