Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops?

[cc <cc () belfordhk com>]

Didn't you write?:
> My two cents....
>
>     The data should have never been on the laptop in the first place! If 
> work is necessary, VPN into the network. Work while on the road? Same 
> thing. Why should the security of the information be subject to the easy 
> of accessibility in an airport/home, elsewhere?

I concur with this.  Sensitive information MUST not be copied to any
mobile systems(notebooks, PDAs, etc..)  It's just asking for trouble.
Quite a few years back, my bank informed me that due to a slippage
in procedure (read: some employee had left their notebook in the
car.  This said notebook just so happens contains a lot of customer
information.  I'm sure you guys know what happens to notebooks
left in cars?  Yup.   Stolen.  I had to go to the bank and get
my checking account closed and opened another one.)

You'd figure banks would have policies against employees
lugging sensitive information OUT of the bank.  I mean,
sure, you'd like to take home some work; but shouldn't
these guys be exempt from doing that?

To this day, I still don't understand WHY my information
was in the notebook being lugged around by an employee.

Edmund


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------