|
Information Security Tips Series |
||
|
0 Photo |
||
While mobile computing is gaining popularity, the risk of stolen, lost or misappropriation of mobile devices has also increased. Whilst you are sitting at the café enjoying the convenience of your mobile device, good information security practice would certainly give you additional peace of mind. We will go through a few tips on information security all the way from purchasing and installing to using and disposing laptops (including Netbooks) and tablet computers. Now, let's go buying the secure laptop. Buying a laptop
Before buying a laptop, we should consider whether the desired model comes with the basic security features, for instance: cable lock slot and fingerprint sensor. As production cost continues to drop, more advanced security features such as Bluetooth Wireless Key Logon, SD Token Logon and Trusted Platform Module have become more and more popular. If you are going to use your laptop to process sensitive data, such as financial records and personal data, you may also want to include an anti-peeking screen protector. In addition, some portable hard drives and USB flash drives support built-in encryption, which can effectively reduce the chance of accidental data leakage. Watch for bundle discount on purchasing security software along with the laptop. This is particularly relevant to anti-virus software, which incurs an annual subscription fee. Installing and setting up a laptop
Before using your new laptop, a number of security settings have to be put in place. Firstly, it is the power-on password typically set in the BIOS level. Although BIOS passwords can deter intruders from booting up a laptop, it is never a bullet-proof mechanism. If the laptop you have bought is not a brand new, mint-in-box item, you should format the hard disk and install a fresh copy of the operating system in order to eradicate hidden traces of security threats, such as computer virus, worms and Trojans. The next step is to configure an "Administrator account” with a complex password at the operating system level. Administrator accounts possess the most powerful privilege in the system and should be limited to the handling of system setting tasks only. After that, create general "user level logins” for each user (including the one for yourself), and remove all the other unused login accounts, such as the "guest” accounts. Our goal is to ensure that all users must undergo password login before they can use the computer and that all users are restricted to access his or her own file folders only. Watch out for a common misconception between authentication and encryption. Users authenticate themselves to the system by passing through the login process (using password, or even fingerprint); however, authentication will not automatically encrypt your data. If you are using your laptop to process or store personal or sensitive data, you should consider using an "Encrypted File System (EFS)” which will automatically encrypt selected file folders and effectively reduce the chance of data leakage. At present, EFS is supported by all major platforms, including Windows, Mac OS and Linux. Apart from user accounts, basic defensive measures are also indispensable. These include a firewall to fend off hacker intrusion, anti-virus software with automatic virus definition update, and email scanners to detect virus, worms and spyware, that come from Internet websites or inside email messages. Clearly, you should also apply the latest operating system patches and enable the online update function. Lastly, please do not forget to turn on the Wi-Fi and Bluetooth authentication mechanism over wireless interfaces and set up the corresponding secret keys in order to thwart intruders from infiltrating your laptop quietly over the air. The setup is almost complete now. Next issue, we will discuss some common security risks in relation to everyday use of laptop. |
||
| <<Back to Features>> <<Back to Top>> |