Following up on last weeks episode with more computer related crimes. Don’t think Laptops are immune…they’re a lot easier to run away with than Desktops.
The Scene of the Laptop Crime
SCENARIO 1 : You’re at the airport, and you put your laptop through the scanner. Someone grabs it and runs before you pass through. Your stolen laptop contains your personal banking information and account access.
SCENARIO 2 : You’re in the library with your laptop and you get up to grab a book off the shelf. When you return your laptop is gone. Your stolen laptop contains enough information for someone to steal your identity.
These are just 2 possible scenarios in which thieves or unauthorized users could get access to sensitive and/or personal information on your machine. How could access to your information be prevented? Here are some tips for keeping your machine more secure and preventing unauthorized access.
Your Personal Laptop
If your laptop is stolen and/or accessed by an unauthorized user, it can be a disaster. Here are some tips to protect your laptop and your data.
- Lock up your laptop when it’s not in use. If your laptop isn’t in a physically secure area, it should be locked away. Even if you think the area is safe, keep in mind that others may have keys and could gain access.
- Use a strong password. A strong password can stop others from accessing your files and hard drive. Use a mixture of at least 8 characters including uppercase and lowercase letters, numbers, and symbols.
- Do not have your browser remember passwords. If your browser remembers them, anyone who gains access to your computer can gain access to the sites you visit.
- Encrypt your hard drive contents. Windows XP Professional contains the Encrypting File System (EFS) which allows you to encrypt files and folders on your computer. EFS should only be used on personally owned computers not connected to UW’s network. You can also use the TrueCrypt product for more secure encryption on your computer. Linux users can encrypt their drives using a variety of products available on the web. Mac OS X users can use FileVault to encrypt their hard drive data. You should back up your personal encryption certificates and keys to disk or CD and store them in a safe location. Warning!: If you forget your password, your data can be lost forever! *
- Install a BIOS password. This makes it harder for thieves to get at your data.
- Invest in recovery software. Software that silently calls home when a stolen laptop is reconnected to a network may help authorities recover your lost equipment.
- Don’t store sensitive or personal information on the laptop. Save as little as possible on the laptop itself. If you are traveling with your laptop, only load the files you need during your trip. Sensitive information for business related activities should remain on UW servers. Use VPN to get to them from afar. Personal information such as passwords, credit card information, and other sensitive files should not be stored on the laptop if it can be avoided.
- Be cautious of public use wireless and hardwired networks. If a wireless network does not include security, a huge potential for data theft exists. If you are in a public area on a wireless network such as a hotel or cafe, never login to sensitive web sites unless the site is using a Secure Socket Layer (SSL) designated by HTTPS. Be wary of using a VPN client unless you know all network traffic is encrypted. For further information on VPN at UW go to the WyoSecure VPN page.
- Report incidents. If you fall victim to laptop theft notify the authorities immediately.
Laptops for Checkout
Laptops may often be checked out from libraries or other locations. At UW, laptops may currently be checked out at Coe Library and the Geology Library, and select college programs. When you check out a laptop, make sure that you shut it down after use so it is refreshed for the next user and does not contain any of your personal documents or information. Do not save any personal information on a checked out laptop.
*Information Technology is unable to provide support for, or recovery from, encrypted file systems at this time. IT is working to implement system utilities that will provide a backup for lost keys for supported Windows Operating Systems.