Look after your laptop

Having a nice notebook is one thing: looking after it is another. Windows Middle East takes a look at how to keep your laptop – and its sensitive data – safe.

  • E-Mail
By  Peter Branton Published  September 23, 2004

|~|Laptop-security---main.jpg|~||~|There’s a new security threat which can get access to all your data and remove your entire IT infrastructure in a matter of seconds. Its called a thief. As notebook sales have soared in the Middle East in the past year or so, we’re all getting more and more dependent on them (this feature was tapped out at home on one). In the UAE market alone, notebook sales accounted for 45% of total PC shipments in the first half of 2004, up from 29% in the same period last year. With the increasing focus on hot spot usage in the region and Intel’s continued push behind its Centrino processor, this trend is only going to continue. But that means we need to look after them and protect them from threats. And there are threats. A notebook, desktop replacement or otherwise, faces the same threats as said mentioned desktop, but there are certain obvious differences which add extra vulnerabilities. As notebooks get smaller, lighter and more portable, they also become more tempting targets for opportunistic sneak thieves, and the more confidential data you have on your laptop the worse you’ll be affected by its loss. Firstly, even if you’re going for a budget option, a notebook is likely to cost in excess of $1,000 to buy – and to replace. The extent you’re vulnerable to theft is going to depend on a large extent to how often you’re carting your notebook around in public, but a desktop replacement left unattended overnight is still going to be easier to remove than an ordinary PC. “Theft is the obvious security threat facing notebooks: it’s a lot easier to steal a notebook than a desktop,” says Vishnu Taimni, portables and handhelds category manager for HP Middle East’s Personal Systems Group (PSG). “But there are other security threats as well, such as wireless security, which is becoming more and more important as wireless becomes a standard.” For physical protection from theft HP, like some other vendors we spoke to, offers the industry-standard Kensington Lock cable lock as an accessory for customers. This allows you to secure your notebook while you’re in an internet café or in an insecure office or wherever. While your opportunistic thief discussed earlier would need a set of bolt cutters to get your notebook, such locks aren’t much good if you don’t have anything to secure the notebook to however. There are some motion sensors on the market that sound an alarm when anyone tries to tamper with your laptop, although of course you need to be nearby for these to be effective. Like other notebook vendors, Fujitsu Siemens offers the Targus Defcon 1 motion sensor device as an accessory for its notebooks. HP also offers asset tags on notebooks, which can help an IT manager at a company to keep track of where they are. Dell also offers an asset tagging system, with the tags holding user information. If these are removed a STOLEN sign is clearly displayed, making it more difficult (if not impossible) to resell the notebook. To prevent a thief from just making off with the hard drive of the notebook, Dell has designed its systems so that the media drive can’t be removed when the notebook is docked, as the screw to remove it can’t be accessed. Physical protection doesn’t just cover stopping your kit getting stolen of course, it also has to withstand the knocks of being carted around and cope with changes in temperature when its on the move. Acer’s range of testing for hardware security includes temperature and humidity, acoustics, electrostatic discharge, weigh and pressure and shock and vibration. The vendor has also built in a disk anti-shock protection system (DASP) in to some of its tablet PC devices and business notebooks. This device, which is fitted to the base of the unit below the hard disk drive, is designed to guard against data loss caused by accidental knocks. IBM has built-in anti-shock systems on its ThinkPad notebooks that help protect them from damage if dropped. While a notebook is a pretty valuable piece of kit, the value of the data can far outweigh the cost of replacing the hardware of course. And while its all well and good to keep your notebook securely locked to a desk, you don’t want somebody reading your data when you pop to the loo or order that second cappuccino. “Notebook security is critical not only from the financial cost of the loss of a notebook, but also intellectual property losses as well,” says Graham Braum, business development manager for notebooks at Acer Middle East. “User authentication and data tampering are two aspects of data security that are critical for end users.” If you’re using Windows XP then you have a basic level of security built in to the OS, with the user password system. However, without wishing to sound anti-Microsoft few users would honestly say that Windows is the last word in security. “Windows passwords can be defeated, 90% of them can be guessed in three goes,” says Andrew Nicholson, client product manager for Dell EMEA. In any case, once your notebook has been stolen, a thief can remove the hard drive and install it in a PC, as a secondary drive, rendering the password useless and leaving any unencrypted data on the hard drive open to be read. Adding password protection at the bios level is another basic security precaution. “All Acer notebooks offer bios and administrator passwords to be enabled at start up in the bios,” says Braum. Acer notebooks also feature hard disk encryption in bios, he adds, which makes it much harder for a thief to read the disk (although it can still be done by a skillful intruder). A more potent form of protection is offered by smart card technology. HP offers smart cards built in to some of its notebooks (and optional on others) which adds another level of security, as the smart card has to be activated with a password. “If you’re concerned about security then a smart card is the most beneficial solution as you’re protected even if you leave your notebook on a desk in an office or in a café,” says Taimni. “If you want to go to the bathroom or whatever you can just pull the smart card out and you’re reasonably safe.” Dell has integrated smart card readers in to its D400, D600 and D800 notebooks, which provide a two-factor authentication. Its OtaniumSuite Pro provides smart card logon and file/folder encryption for protecting data, while the OtaniumSuite PKI adds encrypted e-mail protection and digital signature protection. HP also offers biometric security as an optional extra with a biometric fingerprint reader available for all its notebooks. The PCIMCIA card-based solution requires the user’s finger print to boot up the system, creating one more level of security. In addition it offers a Trusted Platform Module (TPM) chip, which is a security chip built in to some of its notebooks (and optional on others). Fujitsu-Siemens also offers a fingerprint authenticator through a PCMCIA card solution and uses a SmartCard system to provide chipcard based access protection. On some models, Fujitsu-Siemens also offers a security panel on the base of the notebook just below the screen, which forms a pre-boot security system: the user has to enter a four-digit PIN code before he can start the notebook up again. Since most of us tend to go for passwords that can be easily-guessed, if you are going to rely on passwords for your security protection, then at least consider making the thief’s task a little harder: use longer passwords (at least eight characters) and include random symbols, such as !, *, or ^, so a would-be hacker can’t guess them quickly. While such measures protect your machine and the data on it, notebooks come with other security threats. “Most notebook users today want to connect wirelessly, so wireless security is very important,” says Braum. While hot spot usage in the Middle East is still lagging behind the US and Europe, increasing numbers of users are logging on to the internet in such locations as airports and hotels, and this usage is only going to increase. Therefore, you need to ensure that your notebook supports the latest wireless security standards. Happily, most of the major notebook vendors are offering strong levels of wireless security on their products. For instance, Acer provides its notebooks with Acer SignalUp technology, which is certified by the Wi-Fi Alliance as providing WPA (Wi-Fi Protected Access) level security, which requires the authentication of each user attempting to access the network. Dell offers MAC address filtering, so an access point can be set up to provide access to only certain wireless cards. We’ll leave you with words of advice from K H Kim, IT products manager, LG Gulf: “The solution is to recognise two essential points, firstly security consists of both technology and policy, it’s the combination of the technology and how it’s used that ultimately determines how secure your system is. Second, security is a journey, not a destination, it is not a problem that can be solved once and for all, the key is to ensure you have good security awareness and exercise sound judgement,” he concludes. ||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code