subscribe: Daily Newsletter

 

Security is not just about software

0 comments

Notebook computers often present a security dilemma. Among the best mobile productivity devices ever created, they may also be the single largest security threat to business infrastructure, writes Nitesh Doolabh, category manager: commercial notebooks & handhelds at Hewlett Packard SA's Personal Services Group.

Despite the alarming growth in the number of stolen notebook computers, and the subsequent compromise of vital and sensitive business data, executives, managers and employees are increasingly going mobile.
To ensure that your business is not at risk it is essential to keep the following five key points in mind at all times when mobile:
* Store only what you absolutely need. This is my first rule of data leakage protection. Why carry around customer spreadsheets, financial data, or plans for a new product/service if you don't need them while out of the office? Absent Information can't be compromised.
* Protect data passing over public wired or wireless networks. The best way to prevent casual or directed packet snooping or sniffing (better known as computer software or computer hardware that can intercept and log traffic passing over a digital network or part of a network) on public networks is packet or session encryption, even if encryption is limited to only traffic between the end-user device and a traffic encryption service provider on the Internet. For ultimate protection, use only Secure Sockets layer (SLL) connections to check e-mail or access company information. This connection is a protocol developed by Netscape for transmitting private documents via the Internet. When connecting in this manner isn't possible, online services can fill the gap.
* Configure devices to block external snooping. The first step in establishing a security perimeter around a device is configuration of a firewall. Personal firewalls are free on laptops running Windows XP or Vista. These solutions provide minimal protection against intruder compromise of your mobile system. Firewalls are also available for many handheld devices, protecting contact lists, e-mail, and other sensitive information commonly found on PDAs and smartphones. The second step is configuring Bluetooth, on laptops and handhelds, to block all unauthorized access. No laptop should be unnecessarily exposed because it lacks anti-malware protection.
* Encrypt sensitive information on the device. I know this is like beating the proverbial dead horse for many, but laptop theft reports make it clear that many users and organisations haven't yet gotten the message.  And laptop encryption doesn't have to drain your budget.
* Backup critical information. All business critical information should be copied to an alternate location. Even mobile users, who might not connect to the company network every day, can be protected against data loss with online solutions.
As a matter of interest: HP and Microsoft provide business customers advanced notebook computer security and reliability with HP ProtectTools and the Windows Vista operating system.
Some of the tools that have been introduced to the market, including a favourite of mine, the credential manager, make the computing experience a pleasure.
This tool is the glue that brings the different security technologies together, helping you Log in once and that's it. It eliminates the need to remember multiple passwords by using the single sign-on, a password vault that stores login information for websites, applications and protected network resources. Use with the HP Fingerprint Sensor – a single swipe will log you into everything! Credential manager ensures that you call the shots at all times.