Sister CISA CISSP

May 14 2009   2:28PM GMT

Turn it Off on the Road

Arian Eigen Heald Arian Eigen Heald Profile: Arian Eigen Heald

I travel a lot – about 40% of the time. I plug in to the Net from all sorts of places as a part of doing business. So I have some rules based on experience:

1. Turn off the WiFi adapter if it’s not in use. Why broadcast the last hotel you stayed in, and allow bad people to try and attach to your machine? Check your settings, too, to make sure you connect only to infrastructure, NEVER Ad hoc. Never.

2. When you’re in the hotel at night, have you ever checked your Event Log? That’s how I found someone from a lobby computer trying to log into my machine using various passwords and the “Administrator” login. Of course, I had changed that ID name AND created another one with no rights. The motel manager got an earful. So – turn off your laptop, or pull the network plug at night.

And make sure you have Failure logging in your local security policy. For everything. Can’t hurt, since the log overwrites.

Don’t leave the machine on the network for someone to attack all night.

3. Disable ALL shares on your computer. During the day, I have a share running so that coworkers can exchange and update files. I turn it off every night.

4. If you have to leave your laptop somewhere, first of all: don’t. I take mine back with me to the hotel. But when I leave it in the office, I turn if off. Off, whoever steals it won’t get past the disk encryption. If I leave it on, the encryption is disabled, and the possibility of hacking my password or otherwise bypassing Windows controls exists.

Your laptop is disk-encrypted, right?

4. Tape a business card to the top of your computer. A lot of laptops look alike going through security at the airport. Make sure no one has walked off with yours.

5. If you walk away from your computer, lock the screen. Make it a habit, whether you are in the office or on the road.

I had a boss that would go around locking it for you with a nasty message scrolling across the desktop – AND you had to go to him to get the password, because he went in and changed it.

Take a moment to think about what files are on your laptop and what value they might have. Consider what steps you will need to go through should your laptop be stolen.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: