US-CERT Cyber Security Tip ST04-020 -- Protecting Portable Devices: Data Security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Protecting Portable Devices: Data Security

   In addition to taking precautions to protect your portable devices, it
   is important to add another layer of security by protecting the data
   itself.

Why do you need another layer of protection?

   Although there are ways to physically protect your laptop, PDA, or
   other portable device (see Protecting Portable Devices: Physical
   Security for more information), there is no guarantee that it won't be
   stolen. After all, as the name suggests, portable devices are designed
   to be easily transported. The theft itself is, at the very least,
   frustrating, inconvenient, and unnerving, but the exposure of
   information on the device could have serious consequences. Also,
   remember that any devices that are connected to the internet,
   especially if it is a wireless connection, are also susceptible to
   network attacks.

What can you do?

     * Use passwords correctly - In the process of getting to the
       information on your portable device, you probably encounter
       multiple prompts for passwords. Take advantage of this security.
       Don't choose options that allow your computer to remember
       passwords, don't choose passwords that thieves could easily guess,
       and use different passwords for different programs (see Choosing
       and Protecting Passwords for more information).

     * Consider storing important data separately - There are many forms
       of storage media, including floppy disks, zip disks, CDs, DVDs,
       and removable flash drives (also known as USB drives or thumb
       drives). By saving your data on removable media and keeping it in
       a different location (e.g., in your suitcase instead of your
       laptop bag), you can protect your data even if your laptop is
       stolen. You should make sure to secure the location where you keep
       your data to prevent easy access.

     * Encrypt files - By encrypting files, you ensure that unauthorized
       people can't view data even if they can physically access it. You
       may also want to consider options for full disk encryption, which
       prevents a thief from even starting your laptop without a
       passphrase. When you use encryption, it is important to remember
       your passwords and passphrases; if you forget or lose them, you
       may lose your data.

     * Install and maintain anti-virus software - Protect laptops and
       PDAs from viruses the same way you protect your desktop computer.
       Make sure to keep your virus definitions up to date (see
       Understanding Anti-Virus Software for more information).

     * Install and maintain a firewall - While always important for
       restricting traffic coming into and leaving your computer,
       firewalls are especially important if you are traveling and
       utilizing different networks. Firewalls can help prevent outsiders
       from gaining unwanted access (see Understanding Firewalls for more
       information).

     * Back up your data - Make sure to back up any data you have on your
       computer onto a CD-ROM, DVD-ROM, or network. Not only will this
       ensure that you will still have access to the information if your
       device is stolen, but it could help you identify exactly which
       information a thief may be able to access. You may be able to take
       measures to reduce the amount of damage that exposure could cause.
     _________________________________________________________________

   Authors: Mindi McDowell, Matt Lytle
     _________________________________________________________________

   This document is available at:
	
	<http://www.us-cert.gov/cas/tips/ST04-020.html>

   Copyright 2004 Carnegie Mellon University. Terms of use

	<http://www.us-cert.gov/legal.html>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQXa6exhoSezw4YfQAQI+lwf/QtQ1SaEF6+3KP3zPKs2BcSct6zhymzW6
Uy1WZ7OZZ7YWbLoHBjPqtorbW8SMDjUX+oGUzT87YaELjX9styOWtt9fKONrUAOb
7SY8ACGVS77kJC76zVOUoLGlWcdyIDYKQA7tz2mge4FZaMRv/WV3XkU0inMVHgaF
8FfkTO5nlmgGyelhJingFJbBaNZoK4n0lSJH0yc6MZHZsEbVQ8lyr1fQa/YuxO6I
Vzj/WgvjtWifGZeRdoWYHWSfsceb9zLXjQD8ds02Vr1+4JNdx8td2wgDdTNZQKrl
t5wJhS/AnaTuZLgAdmhMqksckXIHQGVAZUJ85CcpXQmszD122ydpig==
=bWbe
-----END PGP SIGNATURE-----

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux