-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Cyber Security Tip ST04-017
Protecting Portable Devices: Physical Security
Many computer users, especially those who travel for business, rely on
laptops and PDAs because they are small and easily transported. But
while these characteristics make them popular and convenient, they
also make them an ideal target for thieves. Make sure to secure your
portable devices to protect both the machine and the information it
contains.
What is at risk?
Only you can determine what is actually at risk. If a thief steals
your laptop or PDA, the most obvious loss is the machine itself.
However, if the thief is able to access the information on the
computer or PDA, all of the information stored on the device is at
risk, as well as any additional information that could be accessed as
a result of the data stored on the device itself.
Sensitive corporate information or customer account information should
not be accessed by unauthorized people. You've probably heard news
stories about organizations panicking because laptops with
confidential information on them have been lost or stolen. But even if
there isn't any sensitive corporate information on your laptop or PDA,
think of the other information at risk: information about
appointments, passwords, email addresses and other contact
information, personal information for online accounts, etc.
How can you protect your laptop or PDA?
* Password-protect your computer - Make sure that you have to enter
a password to log in to your computer (see Choosing and Protecting
Passwords for more information).
* Keep your laptop or PDA with you at all times - When traveling,
keep your laptop with you. Meal times are optimum times for
thieves to check hotel rooms for unattended laptops. If you are
attending a conference or trade show, be especially wary--these
venues offer thieves a wider selection of devices that are likely
to contain sensitive information, and the conference sessions
offer more opportunities for thieves to access guest rooms.
* Downplay your laptop or PDA - There is no need to advertise to
thieves that you have a laptop or PDA. Avoid using your portable
device in public areas, and consider non-traditional bags for
carrying your laptop.
* Consider an alarm or lock - Many companies sell alarms or locks
that you can use to protect or secure your laptop. If you travel
often or will be in a heavily populated area, you may want to
consider investing in an alarm for your laptop bag or a lock to
secure your laptop to a piece of furniture.
* Back up your files - If your portable device is stolen, it's bad
enough that someone else may be able to access your information.
To avoid losing all of the information, make backups of important
information and store the backups in a separate location (see Good
Security Habits for more information). Not only will you still be
able to access the information, but you'll be able to identify and
report exactly what information is at risk.
What can you do if your laptop or PDA is lost or stolen?
Report the loss or theft to the appropriate authorities. These parties
may include representatives from law enforcement agencies, as well as
hotel or conference staff. If your device contained sensitive
corporate or customer account information, immediately report the loss
or theft to your organization so that they can act quickly.
_________________________________________________________________
Author: Mindi McDowell
_________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Note: This tip was previously published and is being re-distributed
to increase awareness.
Terms of use
<http://www.us-cert.gov/legal.html>
This document can also be found at
<http://www.us-cert.gov/cas/tips/ST04-017.html>
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRtWUS/RFkHkM87XOAQJKUQf9E+koP+sA3Az+l1EYQHGHd+Z1VUz9ElrL
1i8aNBjYs7fY9iUF3tu+N+0S4yT26JNRj0rQzCtgSSBJ/s/UuUjQs1+LJMpLUcoj
+UE/XCVS6x04D68ihIBNOZAsu1afF1ExXr/M4DRxQBMwqfwHqIs5xeDzENJkHFrG
khaCRIjXQ0mC25GThP/ZvZ3n8ZOxK/acPl/jIMYqDHwcz3w7lF9uxRWFgijTgW4B
aYW055NqxJPAST0qo2ohQs3Js+K3B3g4H9vPkF1hsyRz5KDuPG5qNePl1fe5o97S
vgatttyoQDCkNnK2CY0Esl3bWUENpU5W9kE6z9ytCjAKpT13626Tsg==
=6mU2
-----END PGP SIGNATURE-----
