US-CERT Cyber Security Tip ST04-020 -- Protecting Portable Devices: Data Security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                       National Cyber Alert System
                       Cyber Security Tip ST04-020

Protecting Portable Devices: Data Security

   In addition to taking precautions to protect your portable devices, it
   is important to add another layer of security by protecting the data
   itself.

Why do you need another layer of protection?

   Although  there  are  ways  to physically protect your laptop, PDA, or
   other  portable  device  (see  Protecting  Portable  Devices: Physical
   Security for more information), there is no guarantee that it won't be
   stolen. After all, as the name suggests, portable devices are designed
   to  be  easily  transported.  The  theft itself is, at the very least,
   frustrating,   inconvenient,   and  unnerving,  but  the  exposure  of
   information  on  the  device  could  have  serious consequences. Also,
   remember  that  any  devices  that  are  connected  to  the  internet,
   especially  if  it  is  a wireless connection, are also susceptible to
   network attacks (see Securing Wireless Networks for more information).

What can you do?

     * Use  passwords  correctly  -  In  the  process  of  getting to the
       information  on  your  portable  device,  you  probably  encounter
       multiple  prompts  for passwords. Take advantage of this security.
       Don't   choose  options  that  allow  your  computer  to  remember
       passwords, don't choose passwords that thieves could easily guess,
       use different passwords for different programs, and take advantage
       of  additional authentication methods (see Choosing and Protecting
       Passwords and Supplementing Passwords for more information).
     * Consider  storing important data separately - There are many forms
       of  storage  media,  including floppy disks, zip disks, CDs, DVDs,
       and  removable  flash  drives  (also  known as USB drives or thumb
       drives).  By saving your data on removable media and keeping it in
       a  different  location  (e.g.,  in  your  suitcase instead of your
       laptop  bag),  you  can  protect  your data even if your laptop is
       stolen. You should make sure to secure the location where you keep
       your data to prevent easy access.
     * Encrypt  files - By encrypting files, you ensure that unauthorized
       people  can't view data even if they can physically access it. You
       may  also want to consider options for full disk encryption, which
       prevents  a  thief  from  even  starting  your  laptop  without  a
       passphrase.  When  you use encryption, it is important to remember
       your  passwords  and  passphrases; if you forget or lose them, you
       may lose your data.
     * Install  and  maintain  anti-virus  software - Protect laptops and
       PDAs  from viruses the same way you protect your desktop computer.
       Make  sure  to  keep  your  virus  definitions  up  to  date  (see
       Understanding Anti-Virus Software for more information).
     * Install  and  maintain  a  firewall  -  While always important for
       restricting   traffic  coming  into  and  leaving  your  computer,
       firewalls  are  especially  important  if  you  are  traveling and
       utilizing different networks. Firewalls can help prevent outsiders
       from gaining unwanted access (see Understanding Firewalls for more
       information).
     * Back up your data - Make sure to back up any data you have on your
       computer  onto  a  CD-ROM,  DVD-ROM, or network (see Good Security
       Habits  and  Real-World  Warnings  Keep  You  Safe Online for more
       information).  Not  only will this ensure that you will still have
       access  to  the information if your device is stolen, but it could
       help you identify exactly which information a thief may be able to
       access.  You  may be able to take measures to reduce the amount of
       damage that exposure could cause.
     _________________________________________________________________

   Authors: Mindi McDowell, Matt Lytle
     _________________________________________________________________

    Produced 2007 by US-CERT, a government organization.

    Note: This tip was previously published and is being re-distributed 
    to increase awareness. 
  
    Terms of use
 
    <http://www.us-cert.gov/legal.html>
  
    This document can also be found at
 
    <http://www.us-cert.gov/cas/tips/ST04-020.html>
 

    For instructions on subscribing to or unsubscribing from this
    mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
     
     
     
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRwz+ufRFkHkM87XOAQLyswf8C03wGpqOGz/4iVvoHB208Oibfg3Tv9z3
VclMjDSAz1QWV9FpY5KjOuVEiOrT5siwHw/xItz90U7w7C8X4eGzXrreXkioO2FB
bSn1oRz7UQnXEA1dt64h6sbVzDx0jSi2ekHTKHd3AKwp6FFKJbXrOIkZLXzYJavz
iktTp9YvYEnhh+CnDqp2SvYaXfBOUdeeTVtf9K1zKakm2cvXCdGOyH79p+zYZ0r2
7CZQWxV5lkxAvrMKd10tzsIJtlBk0E3d2+BvdwnKlKvmuWc2CqbC1U5cokoIneIw
51autmaDecQy3Tte2Ek3K46QyibtafHGKzLAZ4IZzved97vc40I/sg==
=sJ3Y
-----END PGP SIGNATURE-----
[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux