Please don't take this personally: You, dear reader, are the weakest link. And sometimes you're also a sitting duck.
That notebook you carry around, full of corporate secrets and private customer data? When it comes to security, you're a disaster waiting to happen. Companies spend tons of money protecting data and computers on site. But when you take an unprotected laptop--or other information-containing device--on the road, you're opening the door to all kinds of security mishaps.
Case in point: In March, Fidelity Investments disclosed that one of its notebook PCs had been stolen. The laptop contained the personal information of 196,000 current and former Hewlett-Packard employees, including Social Security numbers.
And here's an ever scarier example to contemplate. In San Francisco, there's been a rash of notebook robberies, many occurring in wireless Internet cafes. The trend took a violent turn in April when a cafe customer was stabbed in the chest by a thief, who, with an accomplice, made off with the victim's PowerBook. (Luckily, the victim had no serious injuries.) Though San Francisco appears to be at the epicenter of this trend, who's to say similar crimes won't happen in other cities?
So what do you do, short of leaving your laptop in a bank vault? For starters, don't carry data around in your notebook unless it's absolutely necessary. And if you do have to carry sensitive information, encrypt the data and use strong password protection to keep unauthorized users out of your system. I'll tell you more about protecting your data next week; this week, I've got tips for keeping your notebook safe when you're on the go.
Never Leave Your Notebook Unattended
In the Fidelity example, an employee stowed the notebook in the back of a rented SUV while their group was having dinner at a restaurant, according to a report in The Wall Street Journal. Initially, the vehicle was locked. But during dinner, an associate of the employee retrieved an item from the SUV and forgot to lock it again.
What kind of Bozo would do that? You, for instance, or me. Show me someone who isn't careless on occasion and I'll show you a 99-year-old trapeze artist.
To minimize the risks of theft, always make sure your notebook is locked up if it's not with you. For instance, if you're meeting someone at a restaurant, lock it up in the trunk, if your vehicle has one, and make sure it's stored out of sight if you don't. An extra security maneuver would be to stow it before you arrive at your final destination to eliminate the possibility that a thief will see you putting it away. Always double-check to make sure the vehicle is locked--and don't offer others access to your vehicle. It may be a pain to go outside and get whatever is needed, but it's much less painful than dealing with the consequences of another person's carelessness.
At the airport, wait until it's your turn to pass through the metal detector before placing your notebook on the conveyer belt, if possible. This should reduce the amount of time your notebook sits unattended on the other side of the X-ray machine.
Lock It Up
Of course, taking your notebook with you isn't always feasible. In those cases, consider leaving it in the most secure place possible. If you'll be staying in a hotel, call ahead and ask if there are in-room safes. At a minimum, find out if there's a hotel safe in which you can secure the notebook when it's not needed.
Granted, a safe isn't a perfect solution. During a visit to New York, I locked my notebook in my hotel room's safe. When I went to retrieve it, the combination no longer worked, and I had to wait several hours before the manager could free my notebook from captivity. Still, the less time your notebook is left unsecured, the better.
Bolt It Down
What do you do if you need to leave your notebook in a room that doesn't have a safe? Invest $20 to $60 (or more depending on the device) in a notebook security cable/lock. Many notebooks today have a security slot into which you insert a locking device, attached to a cable. You then wrap the cable around something stationary, just as you would a bicycle lock.
Of course, a determined thief could snip a cable with heavy-duty wire cutters or find another way to get your notebook. But any extra step you force them to take may cause them to target another computer instead. Also, some notebook security products, such as the Targus DefCon 1 Ultra, emit a piercing alarm when the cable is tampered with.
Kensington offers a wide variety of notebook security devices, including the MicroSaver, a 72-inch long cable reinforced with titanium, and the MicroSaver Portable Notebook Combination Lock, with a retractable 48-inch cable and a combination lock.
Windows XP gives you the option of requiring a user password to log on. Though certainly far from bulletproof, a relatively complex password provides more protection than none at all.
A complex password includes upper- and lowercase letters, numbers, and one or more special characters. For example, suppose your name is Pat. You wouldn't use "Pat" as your password, would you? (You would? My, aren't we feeling lucky?) A better password would be something not easily identified with you.
The more complex your password, the more difficult it is to crack--and, potentially, for you to remember. Don't make your password so complex you can't remember it. Or, if you must store your passwords, keep them somewhere safe. Some software programs for PCs and PDAs give you the ability to manage and secure passwords. One example: DataViz's Passwords Plus, which lets you manage and secure passwords on your notebook as well as your Palm OS PDA.
To create a password for your account in Windows XP, go into Control Panel, then open User Accounts. Select the account you want to protect with a password and click the "Create a password" button.
Some laptops now come equipped with biometric fingerprint scanners, as an alternative or enhancement to Windows password-protection. For more on this, see number 3, below.
Encrypt Your Data
Another option is to encrypt any files on your notebook that contain sensitive data, such as customer Social Security numbers.
In essence, encryption scrambles data into code that only an authorized user can access. However, encrypting files, or your entire drive, can be time-consuming, slow system performance, and increase the likelihood you'll lose access to the data.
Windows XP Professional (but not XP Home) includes an option that lets you encrypt files on an NTFS-formatted hard drive. After encrypting a file, you can open it just as you would any file or folder. However, someone who gains unauthorized access to your computer cannot open any encrypted files or folders.
To encrypt a folder in Windows XP Professional, right-click it in Windows Explorer, choose Properties, click Advanced, select the "Encrypt contents to secure data" check box, and click OK twice. In the Confirm Attribute Changes dialog box, do one of the following: To encrypt only the folder, click "Apply changes to this folder only," and click OK; to encrypt the folder contents as well as the folder, click "Apply changes to this folder, subfolders, and files," and click OK.
Know Your Hardware Security Options
New security tools are appearing on a regular basis, so it's a good idea to keep up. Here are a few examples:
Seagate has developed a hard drive for laptops that automatically encrypts data with a minimal drag on performance.
Portable USB flash drives, designed to prevent data loss, are becoming increasingly popular. One example is Research Triangle Software's CryptoStick, which uses the secure Blowfish algorithm to encrypt files.
Before taking your notebook out of the office, always back up your most important files. Think twice about leaving your notebook unattended, even for a moment. Be on guard in airports, hotel lobbies, train stations--anywhere there are others moving about. And, of course, look both ways before crossing the street.