Keeping Personal Data Safe on Laptops�

Data Security

• Staples, Kmart, Dairy Queen, Jimmy John’s, Home Depot, Goodwill, and Target
• All have experienced an extremely large data breach in recent months
• According to USA Today, 43% of companies have experienced a data breach within the past year
• How do companies combat data security issues?

Making a Company Policy

• Security Awareness Training
• Have employees attend a security awareness seminar (in house or out)
• Have Employees Read and Sign
• Strong password requirements
• Company Installed Laptop Locks

​

​

​

​

​

​

Password Creation

Password Requirements

• At least 6 characters in length
• Sufficiently different from existing passwords
• Not be an old password
• Have a maximum password timeframe (required to change every 90 days)
• Always log out when away from your workstation

​

Password Recommendations

• At least 1 capital letter
• At least 1 lower-case letter
• At least 1 non-alphanumeric character
• At least 1 number
• At least 8 characters in length

​

Physical Security

Physical Security

• Always use computer locks
• Using tamper resistant Asset ID tags to prevent resale of your device and aid authorities in identifying your laptop

​

• Using a non-descript carrying case. Avoid cases with company logos as business computers can be considered more valuable than personal

​

• When leaving a laptop in a car, lock it in a trunk with the cable lock attached to a secure mounting point

Operating System Security

Operating System Security

• Current version of operating system being used within your company
• Auto-updates on software when logged in to the company network
• Disable all unnecessary ports, USB and infrared included
• Block all third party applications from being downloaded

Software Security

Software Security

• Antivirus, Adware, and Spyware are a must
• VPN technologies that protect and encrypt at the data-link layer
• Patching management software to ensure all patches for both the operating system all software are installed in a timely fashion

​

• Encryption software to keep all data on the hard drive encrypted when not in use

​

​

Data Protection

Data Protection

• File backup and synchronization
• Keep all important data on the company’s servers
• Remote wipe software package installed on computers
• Allows companies to remote remove ALL data from the hard drive of the lost/stolen computer and render that hard drive inoperable

Employee Training

Employee Training

• Show users where/how files are to be stored on their computer
• Conduct regular security training classes to update users on new threats
• Cover security policies with users about email, web surfing, and travel policies
• Have IT/IS security personnel conduct random checks of user computers to ensure policies are being followed