Securing Laptop/Notebook Data

Many people store personal information as well as important business data on their laptops, notebooks, PDAs, and other portable computing devices. These devices can be very easily stolen or even “lost,” exposing individuals, corporations, and customers to more harm like identity theft (as happens with every new story about companies losing laptops and portable drives with customer credit card and SSN information) and loss of proprietary information.

The old rule of thumb about not owning things that someone wants bad enough to steal applies to data as much as it things like cars, jewelry, and even laptops themselves. If it’s important enough to cautiously protect, it probably shouldn’t be stored on such a portable (steal-able) device. That’s impractical for a lot of reasons in today’s world, but there are steps people can take to protect themselves and their data.

This article notes that laptop/notebook thefts eclipsed 750,000 in the US alone last year, and that 97% of stolen notebooks are never recovered and details a few steps to at least secure their data should their devices be stolen. Most are simple and straightforward: using passwords. Those aren’t impervious, though: I regularly bypass passwords (such as the last hard drive I bought at a garage sale — only the user account was password-protected, the rest of the drive was accessible).

Data can also be secured via encryption (which is only as strong as the protocol used). Stolen computers can also report their locations via services primarily targeted at Microsoft and Mac users. I think the former is preferable to the latter because I can think of several ways to keep a computer from e-mailing its most recent locations (and I’m pretty sure I could also disable such functions). In fact, it’s a lot easier to prevent a computer from calling home than it is to crack a well-encrypted file or partition.

There are open source options available in addition to those listed in the article. GPG is available for both Windows, Linux/BSD, and there’s also a Mac port now. Another smaller, and maybe simpler, encryption solution for those working across platforms is bcrypt. It’s not as feature-filled as GPG, but it’s small enough that it can be very portable — it’s only 61kb so it can be installed (along with the required zlib dll, 63kb) on every USB thumbdrive to encrypt/decrypt its contents regardless of where one may use it.

I’ve found bcrypt to be very useful when using both Windows, whether with PortableApps and U3 or just to encrypt/decrypt normally stored data, and Linux. Its only drawback in the Windows version is it doesn’t hide or mask passphrases. It works so simply (the same command encrypts and decrypts) and seamlessly, though, between Windows and Linux versions that I highly recommend it for those using either or both systems.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: