Laptop Lockdown

Written by Shawn Strickler

Wednesday, 16 July 2008

Laptop security.  There I've said.  You know you need to do it. You know what the risks are if you lose your laptop or let someone access it unknowingly.  You know what can happen if you don't backup your data so I'm not going to give you a big spiel on why it's important to backup, lockdown and protect your laptop and its data.   I will just get right into the "HOW TO DO IT" with a few tools and simple protection steps.   (1) In these examples I will be using a Dell laptop with Windows XP.  Keep in mind that all laptops are different and run different configurations so check your manual for your computers settings.  This guide will give you a good blueprint to follow so that you can tweak your PC settings and help you secure your laptop when you are on the go and also protect your files and information should it get stolen or lost.  Block access to your Laptop - The idea here is to limit the access of the computer when it boots up to just the hard drive because there are several ways to allow a computer to boot from a CD-ROM or USB device and cause damage.  This allows a user to change the administrator password or install rootkits......that's bad.  You will need to edit the BIOS Settings on your computer to lock it down and this is done right when the computer starts up. When the computer starts, press [F2] to access the BIOS setup Under System, select Boot Sequence. Make sure the Internal HDD is the only device with a number beside it. Press [Esc], and select Save. Under Security, select Admin Password Set an admin password. (This will prevent someone from changing boot options or changing the BIOS setup, but it won't interfere with normal operation.) Under Security, Select System Password Set a System password.  (This will prevent users from gaining access to your operating system) (Optional) For greater security set an Internal Hard Drive Password under the Security Tab.   This will protect the disk even if it is placed into another computer.  You will enter this password whenever the hard drive is powered on or restarted from Standby. Press Esc, Save and Exit.   Now your computer will ask you for your password whenever you boot the machine. Protect your Data - Losing your computer doesn't have to mean losing your privacy, you can still keep your data from the wrong hands using encryption and laptop retrieval methods.  Encryption - It's the process of converting data into a format that cannot be read by others.   When you computer gets stolen, you can at least feel somewhat comfortable knowing that your data can't be read by anyone else. Truecrypt - (www.truecrypt.com ) - Password encrypt an entire hard drive partition or other storage device such as USB flash drive or hard drive using this simple to install software.  NOTE: Make sure that you check the "Auto-dismount when entering power saving mode" option.  When you put the computer to sleep the keys are erased. When a Truecrypt volume is dismounted its associated key is wiped from memory using a cryptographically secure method. But if it's mounted when you /physically/ steal the computer, or are at the login password prompt (and the disk is mounted as a system disk would be) when you /cut the power/ to use these techniques, the key is still in memory and vulnerable to these attack methods.   And if you leave your Laptop/PC unattended it should be completely powered down. If the computer is stolen while the computer is on, it may still be vulnerable, because the hard disk will still have the decrypt key in its memory.  There is a method that allows someone to be able to freeze and remove the hard drive and then 'hot-swap' it into another system to access like nothing happened Microsoft Encrypting File System (EFS) - Mircosofts free encryption software that is for Windows XP Professional users.  Microsoft has an easy to article to help you set that all up. http://www.microsoft.com/windowsxp/using/security/learnmore/encryptdata.mspx. Data Recovery/Destruction - If your computer does get stolen or is misplaced (yeah right!), there are several services that can help you retrieve the data or kill it remotely. The Laptop lock. (www.thelaptoplock). This free for now service protects the data and aids in the recovery process of a computer if it's stolen. It can remotely delete files (secure data wiping now available), encrypt files, execute a program, or hide data.   It can also help locate your laptop when it comes online. LoJack (www.lojackforlaptops.com) - Recover a stolen computer with a small, undetectable program.  Allows you to remotely delete data to ensure sensitive information is kept safe. Synet Anti-Theft  - Track, recover and protect important data on your mobile PC Clear your memory - Computers use a file to store information in it from time to time to make a computer faster.    This file sometimes carries some vital information and needs to be cleared every time you boot down.   Even then, your systems memory can contain information on it when the computer is completely off.   To reduce the risk presented by storing information in the page file you can configure Windows XP to erase the page file each time you shutdown Windows and you also should disable Hibernation. Clear out your Pagefile - Virtual memory on your computer allows Windows XP to open more windows and run more programs simultaneously while only keeping the one being actively used in RAM.  This data may possibly contain unencrypted passwords or other sensitive information since many third party programs do not bother to encrypt data that is being passed to the memory, even though it may end up on the page file.  Windows does not automatically clear a pagefile when a user logs out, which means there is a good chance that copies of the user's files will still exist in the pagefile long after the user logs off. Windows security prevents users from logging in and browsing the pagefile, but there is nothing to stop a user from booting an alternate OS and using that OS to circumvent Windows security and browsing the pagefile. Clearing the pagefile takes time and prolongs the shutdown procedure, but it removes user data from the pagefile.  To configure Windows to clear the pagefile at shutdown: Open the Group Policy Object Editor. Navigate through the console tree to Computer Configuration | Windows Settings | Security Settings | Local Policies | Security Options. Double click on the Shutdown: Clear Virtual Memory Pagefile option. Choose the Enable option. Click OK Here are the steps to disable hibernation - When a computer goes into hibernation mode; the contents of the system's memory are dumped to disk in an unencrypted format, leaving data vulnerable to exposure.  Open the Control Panel. Click Performance and Maintenance. Click Power Options. When the Power Options properties sheet appears, select the Hibernate tab. Clear the Enable hibernation check box. Click OK. Lock down your laptop....literally. - Bolt down your laptop with a security cable to something while you are temporarily away or distracted.   I know a security cable can be sawed through, picked at, torched open or broken apart, but this will act as a deterrent for the majority of people. Tryten Computer Cable Lock X2 - It locks many devices as well as your laptop. Mini Alarm, a locking system that emits a piercing 100-decibel alarm if the cable is cut or the motion sensor detects any movement. Now these methods are not going to secure your laptop 100%, but collectively they provide a solid barrier to would be thief's and should provide you a least a comfort in knowing your laptop is safe.

 

< Prev		Next >