If there’s one lesson you should take away from National Cyber Security Awareness Month (NCSAM), it’s the fact that we all make mistakes when it comes to our digital security.
You might think we would be better at protecting ourselves. After all, the internet permeates almost every aspect of our digital lives. So why do we need campaigns like NCSAM?
Essentially, it boils down to how we need to think better.
That’s because we never know when we might encounter a security threat. For instance, we might encounter a phishing link when we’re feeling alert, or perhaps when we find ourselves tired, distracted, and curious to click on a mysterious URL.
The key is that you think ahead, foresee all of these scenarios, and plan for them accordingly.
Let’s take a look at how we can plan for one IT security threat in particular: stolen laptops.
Stolen Laptops: A snapshot of loss and theft
Protecting against stolen laptops isn’t as simple as keeping your device in a safe place.
Sure, you have events like the 2011 breach at Virtual Radiologic Professionals, where someone stole an employee’s unencrypted laptop from their car.
But you also have the 2016 theft at Premier Healthcare, where someone made off with a laptop containing more than 200,000 patients’ data that was kept in the locked and alarmed administrative office of the company’s billing department.
Some pretty serious stuff right there.
Of course, those aren’t the only two incidents of stolen laptops negatively affecting healthcare companies. In fact, stolen laptops are a persistent problem in the healthcare industry. Verizon found in its 2015 Data Breach Investigations Report that misplaced IT assets like laptops accounted for up to 45 percent of the sector’s breaches.
Why is that the case?
On the one hand, employees everywhere make mistakes. The worker at Virtual Radiologic Professionals, for instance, might have neglected to lock their car or hide the laptop out of sight.
But on the other hand, some people know how valuable medical information is, and you never know what their intentions might be. A teenager might have been looking to steal something valuable out of one of the employee’s cars at VRP, for example, or someone might have just gotten fired and decided to exact revenge against the company.
In the case of the breach at Premier Healthcare, there were cleaning crews, security personnel, and other people who all had keys but who might also have had ulterior motives.
Things can and do happen, which is why we need to make the effort to protect against stolen or lost laptops.
How to protect your laptop in case it is lost or stolen
Some basic defensive measures go a long way towards protecting your computer in the event that it’s lost or stolen.
For example, you should protect your computer’s user and admin accounts with strong passwords.
Just in case an attacker brute forces or succeeds in guessing your password, you should also prevent your apps from logging in automatically upon boot-up. That step will at the very least help deter attackers from automatically accessing some of your other accounts.
In the meantime, businesses are fighting against stolen laptops by making sure they encrypt the hard drives of all corporate laptops and by training employees to be careful with those devices.
They’re also activating device tracking software to help them recover a laptop if it goes missing. Of course, there are solutions you can install on whichever device you own that allow you to track it remotely. But fortunately for home users, all Apple and Windows 10 computers come with their own software that allows you to track your device.
How to find your lost or stolen Mac:
- Go to System Preferences.
- Make sure Find My Mac is enabled.
Should something happen to your laptop, you can simply log into your iCloud account to lock your computer, erase the contents of your Mac, or track it on a map.
Some of those features, like locking and erasing your Mac, can be activated even if the computer is off.
How to find your lost or stolen Windows 10 PC:
If you own a PC that received Windows 10’s November 2015 updates:
- Navigate to the Start Menu.
- Click on Settings.
- Navigate to Update & security > Find My Device.
- Click to enable the feature.
This Windows feature is more about locating a lost device. With that said, as long as the computer is turned on and connected to the internet via Wi-Fi, an ethernet connection, or a cell data plan, you will be able to track its location.
Found. Secured. Protected.
You never know what life’s going to throw at you, which is why it’s important to do everything you can to strengthen your digital security. That includes enabling “Find My Device” on your laptop.
Are you trying to do something to strengthen your digital security but don’t know how? Let us know what you’re trying to do in the comments, and we might write up a “How to” guide to help you!
How about making sure it's encrypted?
Having a strong user and admin password is important but it won't necessarily protect you from somebody who removes the hard disk or boots into another OS to extract your confidential data.
Also use a Kensington lock to chain your laptop to the desk; a model with an integrated alarm is even better.
UV markings or asset tags are another good idea as they help the device become reunited with its owner.
I also used a Kensington lock in my uni days some 15 years ago. I couldn't necessarily take the laptop with me when nature calls or to simply take a break…
It's crazy as I didn't set up disk encryption, carelessly didn't bother creating a system BIOS password and fully knowing that the local SAM could've easily been cracked with a tool like ntpasswd…
Thinking about it now, back then I was more averse to hardware theft than I was to data loss; nowadays, it's quite the opposite.
Agree with comments of 09:13. Assigning username/password provides little protection. There are multiple ways to bypass without the need to remove the hard disk.
Another +1 for hard disk encryption, so that data is secured and the OS won't even boot without the right password. I would have also liked to have seen a little more detail on choosing strong passwords.
My personal advice would be to consider any device as disposable. Even if it's not lost or stolen, it could be dropped, water damaged or simply break, especially when it's a few years old. You want to ensure that you can still access your data, and in the case of the device being lost or stolen, that someone else cannot. To ensure you can still access your data, consider cloud storage such as Dropbox, Google Drive, Microsoft OneDrive, etc.
If you lose access to your device for any of the above reasons, ok it may be a hassle and a bit of a financial hit to buy a replacement, but at least you have the confidence that you still have your data and, importantly, nobody else does.
How about:
1. Use full disc encryption on everything, even the backups and USB drives.
2. Regularly back up, at least once per day (easy with Apple Time Machine).
3. Rotate backup drives – I use four different 3TB USB drives.
4. Store at least one backup drive off site, e.g. in a locked drawer at work or at home.
5. Rotate off site backup drive at least weekly, ensuring all backups are never in same location.
6. Make bootable backups for quick disaster recovery (easy on a Mac with Carbon Copy Cloner).
7. Store password fragments or easy clues with your will and/or multiple trusted people.
If using Find My Mac be sure to enable the guest account – you won't be able to find it unless the villain connects it to the internet. The guest account is ideal providing your disc is encrypted as your data remains safe.