|
Some hints on how to protect your laptop in meetings
A small FAQ
At meetings (standards and others) you need to secure your
portable computer. This FAQ has been written to give you some informal hints and
tips. New products are always appearing, so do keep yourself up to date and look
out for new products and services.
Backups
Of course, you need to look at Backup, using an external
USB hard disk or CDR/CDRW for backup (and you can keep sensitive s/w on it,
though of course most of it will be left in swap and cache areas on your PC!). I
have often failed to follow this advice and regretted it with lost, stolen or
damaged laptops!
Physical security
Be careful, as you will be in areas that will be favoured
by thieves, such as airports and hotels. Make sure that your computer does not
have any sensitive information so that you will not be embarrassed by it’s loss.
- If your PC is stolen make it
difficult by using password protection, most will offer it at start up in the
BIOS. Some laptops also have hard disk encryption in BIOS, which will prevent
the disk from being read (except with a great deal of skill).
- Consider using any built in
encryption.
- Physical security of a Laptop can be
improved by attaching a cable-lock, like a so called Kensington (R) lock [Note
that at airport security these have been known to cause problems, as they can
be thought of as a weapon]. Consider the hotel safe. If the laptop is too big
for the safe, you can put the hard disk only in the safe if it is easily
removable.
- Don't place the laptop in the
passenger compartment of a car, while it is parked. Use the trunk (or boot)
and place it there before arriving at the parking space.
Protect yourself from others
The electronic security is quite a more interesting issue,
as LANs (both fixed and wireless) are used at meetings, and most people use
Microsoft software which needs some work to make secure (Linux is an option!).
Otherwise other people may look at your data or worse...
You should definitely have the most of the security
measures below for Internet connections using telephone, and 'always on'
connections such as cable or ADSL.
Informal electronic security advice and guidance
-
Antivirus - Norton
works well for me, and can also be used to look for viruses in email. I have
found catches most Email viruses, but keep the virus checker up to date it all
the time! There are lots of other viruses checkers, such as
McAfee
and Sophos. Really keen security people use two virus checkers to try and
protect themselves.
- Firewalls -
Zonelabs
offer a free firewall. This works very well, there is a free version which is
perfectly good, and you can upgrade to a professional version which does a bit
more such as script blocking in emails etc. Other products are available, such
as BlackIce.
Use these, even if you are using the XP firewall, which has been mentioned as
not as good as Zonelabs.
- Test you security - To test your
system, try Gibson Research
and go to 'Test My Shields'. This will try a few low-level number and
well-known ports for weakness. Without a firewall you will be surprised what
is exposed. Other sites offer full port scanning, but at a cost ($ and time).
- Spyware - Check your PC for spyware
programmes that may be leaking your browsing, dialling premium rate Internet
connections or monitoring your passwords!
Lavasoft
have a product Ad-aware, and there is a free version. Try also
SpySoft,
which is what I am using at the moment.... which is free (but you can
donate). Both will also delete cookies that may be looked at by sites you are
visiting tracking your surfing activities.
- SPAM - is a real problem these days.
I use Mailwasher,
which works well enough, and is free for one POP mail server. There are lots
of good sites with advice on SPAM such as
SpamCop.
- Microsoft software itself needs to be
secured. Patch it regularly by visiting their update site.
There are often security updates to find.
- Don't forget to disable file sharing
and protocols you do not use (generally only TCP/IP is used).
- Email - I also use for email
Eudora
at as this isn't seem quite so prone to outlook type viruses (which use Visual
Basic and exploit browser flaws etc), such as the 'I LOVE YOU' virus. It will
also take PGP plugins, has free version, and Version 6 incorporates Spam
filtering (if you pay and register). There are also anti-spam products for
Microsoft email programs.
- Use a password-protected screensaver
with a short elapse time; to ensure that the laptop is protected in short
breaks during a meeting.
I hope this helps!
Charles Brookson
Chairman ETSI OCG Security
December 2003
Legal bit:
- All copyrights acknowledged.
- I am not responsible for my advice,
guidelines on products to be taken as informal advice, at your own risk.
|