Laptop/Portable Computer Security Guidelines

Laptop/portable computers and PDAÕs present their own unique set of security concerns due to their portability. They are used in office settings, but just as often are used at home, in airplanes, in hotel rooms, and anywhere in between. One must consider the physical security of these devices and the protection of the confidential and/or sensitive information that is often stored on them.

In addition to the security measures appropriate for desk-top workstations, the following guidelines help provide improved protection for portable computing devices.

  1. Physical security:
    1. Unless absolutely necessary, do not leave laptop or portable computers unattended.
    2. To discourage computer theft, use cables to lock computers to work surfaces that are often used.
    3. Consider using products that use tracking devices that may help recover lost or stolen devices.
    4. Record and keep serial numbers or other unique identifiers that may help identify lost or stolen devices.
  1. Information security:
    1. Use good judgment about the amount of institutional or other sensitive data that you store. Only store data that will be needed while traveling.
    2. Use power-on passwords to prevent unauthorized use of the device.
    3. Use firewall programs to prevent unauthorized access to your device from other network nodes.
    4. If your laptop or portable contains confidential and/or sensitive information, consider using a product that will encrypt the entire hard disk of your laptop computer, so that the computer cannot even be booted up by anyone who does not have the password, or choose to encrypt only specific files or directories, so that no one else can get into your sensitive data without knowing your password.
    5. Insure that all files that reside on your laptop/portable computer are regularly backed up to a secure server location or to other media (e.g. CD or zip disk) and stored in a secure location.

Last updated on June 17, 2004