Re: Laptop security

["kevin fielder" <kevin.fielder () gmail com>]

> Hi Badhri
>
> For most businesses the data on laptops is the most valuable thing.  You
> mention Data encryption, just to clarify, the best method is to use a
> whole disk encryption product, as that ensures there can be no
> unencrypted temp files etc.
>
> Someone has already mentioned Kensington locks - we have a policy that
> states these have to be used anytime the laptop is in use regardless of
> whether the user thinks they will be staying at their desk or not, and
> regardless of the location.
>
> Some form of asset tag that leaves clear marks if it is removed - this
> wont stop the laptop being stolen, but will make it quite obvious that
> it is a stolen laptop to anyone looking at it.  It's worth noting that
> asset tags should not identify the company in any way, and any contact
> details should also be anonymous - e.g. set up a non company email
> address to contact if the laptop is found.  While this may sound
> strange, if your laptops are easily identifiable as coming from your
> company they may be targeted (e.g. if you are a financial institution
> and the thief things there may be customer data on the laptop).
>
> In addition to user awareness publish a laptop use policy that is backed
> by the highest levels on management which includes things like always
> locking the laptop to the desk, never leaving it unattended while
> travelling, not leaving it in the car overnight etc.
>
> Cheers
>
> Kevin
>
>
> -----Original Message-----
> From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
> On Behalf Of unknown hacker
> Sent: 20 February 2007 22:45
> To: Badhrinath S
> Cc: security-basics () securityfocus com
> Subject: Re: Laptop security
>
> I'd recommend ensuring you make a note of the MAC address associated
> with the machine, and getting friendly with the tech crime group of your
> local law enforcement.  I'd also make enquiries with your local service
> providers to see what their DHCP log retention is like.  If you play
> your cards right and a laptop is stolen, you may be able to submit the
> MAC to the service providers and have them search their logs for any
> hits from it.
>
> You may also want to look into an agent of some kind that contacts your
> company during boot up which may also help during investigation.
>
> Cheers,
>
> Tremaine Lea
> Network Security Consultant
>
>
> On 19-Feb-07, at 10:39 PM, Badhrinath S wrote:
>
> > Hello all,
> >
> >  Apart from data encryption, insurance and user awareness can anyone
> > let me know other risk mitigation policies against laptop theft ?
> >
> > --
> > Thanks
> > Badhri
> >
> >

---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your 
enterprise with BigFix, the single converged IT security and operations 
engine. BigFix enables continuous discovery, assessment, remediation, 
and enforcement for complex and distributed IT environments in real-time 
from a single console.
Think what's next. Think BigFix. 

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------