As laptop computers become more prevalent in the workplace, Absolute Software's CEO John Livingston says that IT professionals face the new security challenge of protecting hardware and company information that is increasingly mobile. In this environment, the loss of even a single laptop can result in a business-jeopardizing data breach.
It's 2008 and one of every two computers in the world is a laptop.
The risk of exposing customers and employees to identity theft is also becoming a common public concern; 37 states now have data breach laws in place, forcing companies to be more proactive about the security of personal data.
So, how can companies harness the advantages of laptops in the workplace while protecting their computer hardware and sensitive data? The answer is two-fold: diligent company security policy and a multilayered approach to computer security that includes physical security and technology to manage computer assets and the information on them.
The first step in protecting your company from data breaches is agreeing on a code of conduct for the use of technology in the workplace. The most essential components of this should include:
??Ã identification of information that strictly cannot leave the company premises;
??Ã agreement on software or hardware products that are not permitted for use on company equipment;
??Ã and educating employees on company policies and security measures to ensure their buy-in.
Having set appropriate policies in place, the next challenge is ensuring that they are enforced by emphasizing common sense and taking advantage of readily available technology.
A multilayered approach to laptop security
With the proliferation of online chat, peer-to-peer file-sharing and handheld digital devices, no single security measure will provide adequate protection for sensitive company information and expensive hardware. For this reason, companies should take a multilayered approach to laptop security that incorporates physical deterrents, robust IT asset management and post-theft measures, such as hardware recovery and remote data deletion capabilities.
Below are five important steps for the proactive management of mobile computers and the sensitive information they contain:
Physical theft protection
Physical deterrents and common sense provide an effective first line of defense. Users should keep their laptops with them or lock them out of sight when taking them along is not an option. To keep laptops inconspicuous, cover them when they're in the car and opt for a nondescript case over a telltale laptop bag. Locks and cables should always be used to deter thieves, but like car door locks, shouldn't be relied on exclusively.
Technology for data protection
Encrypt your sensitive data and password protect your systems. Every laptop user should choose a complex password made up of numbers, lowercase and uppercase letters. Additionally, make sure that your anti-virus software, firewalls and other common software programs are routinely updated and patched to reduce security holes.
Effective asset management
Knowing where all your computers are, what is installed on them and who is using them are powerful security measures. Look for asset management software and services that allow you to track laptops regardless of location. Other key features include the ability to detect unauthorized hardware changes and software installations.
Backup of critical information
No security measure can provide a 100 percent guarantee that laptops containing company information will not fall into the wrong hands. Regularly back up critical information to minimize losses in the event that a laptop goes missing.
Consider the consequences of a criminal searching through one of your company's laptops for some value they could exploit. Post-theft recovery software is now a reality for businesses of all sizes. These products can help recover lost hardware, as well as remotely-delete data. This keeps the wrong people from accessing your information in a worst-case scenario.
A company's mobile-computer population is worth far more than the cost of laptops. Mobile access to information should be considered a strategic advantage for an organization-
not a potential liability. With thoughtful planning, effective organizational policy and the use of new security technologies, companies can safely benefit from the enhanced flexibility and productivity afforded by laptop computers.
John Livingston is the chairman and CEO of Absolute Software, which invented the computer tracking and loss control product category with the introduction of Computrace in 1994. Prior to taking the helm of Absolute Software, Livingston was a faculty member of the School of Business at the British Columbia Institute of Technology. He can be reached at firstname.lastname@example.org.