funsec mailing list archives
Laptop Lockdown
From: "Richard M. Smith" <rms () bsf-llc com>
Date: Wed, 28 Jun 2006 11:41:37 -0400
http://online.wsj.com/article/SB115145402822192505.html?mod=technology_featu red_stories_hs Laptop Lockdown Companies Start Holding Employees Responsible for Security Of Portable Devices They Use for Work By M.P. MCQUEEN June 28, 2006; Page D1 The burden of lugging around laptop computers for work around the clock is getting heavier as companies place more of the responsibility of guarding against theft and other security lapses on their employees. A number of companies, including Aetna <http://online.wsj.com/quotes/main.html?type=djn&symbol=aet> Inc., Fidelity Investments and the U.S. unit of ING <http://online.wsj.com/quotes/main.html?type=djn&symbol=ing> Groep NV, are revising their policies about how employees should handle confidential data stored on computers. Many employees are facing new restrictions on who can take confidential records out of the office and are receiving special training on how to keep data secure. Workers found violating security policies are being disciplined, or even dismissed. Boeing <http://online.wsj.com/quotes/main.html?type=djn&symbol=ba> Co. now requires laptops to be physically locked with a cable to a stationary object at all times, whether they are in offices, conference rooms or a car, so that no one can walk away with them. The aerospace giant has stepped up enforcement of a rule that confidential data must be accessed only on company servers, not stored on laptops. Boeing officials have started conducting random audits of laptops to check for unauthorized or unsecured files. Some companies, including Aetna, the big health insurer, have begun telling employees that they can't use their own portable digital assistants such as Palm Pilots and BlackBerrys on company computers without permission. Other companies are disabling extra USB connections on workplace computers to make sure employees can't attach those accessories. And some even ban MP3 players in the workplace, security experts say. All these devices may lack encryption, and can be used to smuggle out confidential data. "Employees are the weakest link" in securing data, says Jon Oltsik, senior analyst for information security at Enterprise Strategy Group, an information-technology industry analysis firm. Before traveling on business, Marian Mays, payroll operations manager in Boeing's Seattle office, has started having her laptop examined by the company's security personnel to make sure she doesn't have any sensitive data stored on it. Once she is on the road, logging on to the company's server requires multiple passwords. "You just have to deal with it," she says. "We get creative with the passwords." ...
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Laptop Lockdown Richard M. Smith (Jun 28)