Things to consider for defining laptop security strategy

["Saqib Ali" <docbook.xml () gmail com>]

Hello All,

I am looking for some ideas on what to consider when defining a laptop
security strategy. I am looking the security from both the process and
technology point of view. Currently we are concerned with only "Data @
Rest".

So far I have:
- Awareness
- Training
- Encryption (Encrypted Vaults, File/Folder encryption, full disk encryption)
- Data Recovery in case of the loss of the encryption key / Secure Backup
- Device recovery in case of theft or lost
- Data classificiation
- Centralized management
- Encryption key recovery
- Spyware control

--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------