Security Basics mailing list archives

Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops?

From: "Brian Daniel Beck" <beckbria () msu edu>
Date: Tue, 13 Jun 2006 12:47:27 -0400

Mike Foster writes:

In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Am curious how all of you feel about the options.
How do  you feel and/or what is your experience with:
--Power-on passwords in the hardware/CMOS/BIOS Setup
--Hard drive locking passwords in the hardware/CMOS/BIOS Setup
--Laptops equipped with fingerprint readers for the above two options
--Windows NTFS EFS encryption
--TrueCrypt from www.truecrypt.org for encrypted storage areas
--Trusted Platform Module (TPM) https://www.trustedcomputinggroup.org
--Tokens that plug into USB
--Others?Thank you in advance...

Any of those to a degree can help, but I think the key point isn't any sortof access restriction on the laptop. They key point is to leave sensitivedata on the server. No one should ever have to take things like credit cardnumbers or social security numbers home. Heck, I'm trying to think of areason that such information should ever be stored locally on a user machineat all.

Current thread:

Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops?, (continued)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Harrison Holland (Jun 13)
  - Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Gethin Jones (Jun 14)
    - Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Greg Merideth (Jun 15)
    - Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? zipk0der (Jun 16)
- RE: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Sadler, Connie (Jun 13)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Bryan S. Sampsel (Jun 13)
  - Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Noaman Khan (Jun 14)
    - Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Saqib Ali (Jun 15)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Dave Patterson (Jun 13)
  - Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Dave Patterson (Jun 20)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Brian Daniel Beck (Jun 13)
  - Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Ken S (Jun 14)
- RE: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Robertson, Seth (JSC-IM) (Jun 14)
  - RE: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Bryan S. Sampsel (Jun 15)
- Re: Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? michal (Jun 26)