Laptops Are Tops

Last year, for the first time, sales of laptops outpaced sales of desktops. If it hasn’t already, the job of securing mobile systems will take up a significant portion of IT departments’ time moving forward.

There’s a new vulnerability lurking out there—mininotebooks. They’re even smaller and easier to swipe or lose than their big computing brothers.

The FBI’s National Crime Information Center has reported that the number of laptop thefts increased almost 48 percent during the last two years. The Ponemon Institute recently released data estimating that 12,000 laptops are lost or stolen in U.S. airports every week.

According to the Theft Resource Center, the number of reported data breaches in the United States in 2008 hit 656, nearly 50 percent more than in 2007. The organization puts the number of data records exposed at roughly 35.7 million, but concedes the actual number could be much higher. Some of these breaches can be attributed to sophisticated hackers or disgruntled employees, but many are the result of lost or stolen laptops.

Don’t underestimate the cost of a data breach. It was recently reported that the Department of Veterans Affairs has agreed to pay $20 million to current and former military personnel whose personal information was contained on a stolen VA laptop computer.

Full disk encryption is key to laptop security initiatives. According to various industry and government regulations, the only scenario in which a lost or stolen corporate laptop does not have to be reported as a data breach is if it is fully encrypted. This preventive measure can save the organization from extensive customer notification costs, large legal fees and untold damage in the form of negative brand perception, according to endpoint data protection vendor GuardianEdge.

In Windows 7, the successor to Windows Vista, Microsoft has enhanced its BitLocker drive encryption protection. Unfortunately, the feature remains reserved for Software Assurance customers.

Ericsson will integrate Intel’s new Anti-Theft PC Protection technology into its mobile broadband modules. This will allow a user or IT department to send an SMS text message to the laptop that will disable the PC and protect stored data. Lenovo and Phoenix Technologies are offering similar capabilities with Lenovo’s ThinkPad notebooks.

Trellia Networks has launched new software to address enterprises’ growing need to automate and enforce security policies on mobile work force laptops. The company’s MPME (Mobile Policy Management and Enforcement) solution supports central management of essential security policies for network selection, VPN, proxy and bridging prevention.

Passwords are exploding and require constant vigilance—from steady rotation to the use of differentiated passwords across accounts—to maintain security best practices. “You don’t need to remember all of those changing passwords if you place security at your fingertips. Eighty percent of enterprise laptops today have fingerprint readers built into the system, making enterprise security a snap,” said Vance Bjorn, CTO and co-founder at DigitalPersona, a biometric identity protection solutions provider.