Laptop Security SIRT IT Security Roundtable Harvard Townsend IT Security Officer May 2, 2008.

1 Laptop Security
- SIRT IT Security Roundtable
- Harvard Townsend, IT Security Officer, harv@ksu.edu
- May 2, 2008

2 Laptops are risky business…

3 Agenda
- Physical security
- Protection while traveling
- Information security
- Recording identification information
- Tracking and Recovery software
- Wireless security
  - Public WiFi hotspots
  - Home wireless
  - VPN service
- Useful freeware tools demo'd throughout
- USB thumb drive security

4 Physical Security – Theft Prevention
- Never leave unsecured laptop unattended
- Lock your doors (res hall room, apt., office)
- Lock it in a cabinet
- Use a locking security cable
  - Room/office
  - Hotel room
  - Public locations
  - Conferences, training sessions
  - Cost $15-$50, combination or key lock
- Use strong password on all accounts

5 Traveling
- Don't let it out of your sight when you travel
- Be particularly watchful at airport security checkpoints
- Always take it in your carry-on luggage
- Never put it in checked luggage
- Use a nondescript carrying case
- Be careful when you take a nap in the airport
- Don't leave it in view in your vehicle
- Don't trust the trunk - remember the quick release lever inside the vehicle?

6 Information Security
- DON'T store confidential data on mobile devices
- If you must, encrypt it
  - Whole-disk encryption best
  - File or folder encryption reasonable
  - Demo TrueCrypt (open source, Win/Linux/Mac – http://www.truecrypt.org)
  - Beware of managing encryption keys
- Work with temporary copies on the laptop – keep original file(s) on secure server
- Backup data regularly
  - Imaging is a lovely tool
- Diligently manage the security of the device (patches, antivirus software, firewalls, etc.)

7 Finding Confidential Data
- Don't assume you don't have any confidential data on your laptop
- Spider from Cornell useful for finding confidential data: http://www.cit.cornell.edu/security/tools
  - Searches files for SSNs and credit card numbers
  - Lots of false-positives but still very useful
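
The kind of search slide 7 describes, as an added example (not Cornell Spider's code and not part of the original presentation): a Python scanner that matches SSN-shaped and card-shaped strings, then applies SSN range rules and the Luhn checksum to discard many of the false positives. The patterns, function names and sample text are assumptions constructed for illustration.

```python
import re

# Broad candidate patterns, the kind that produce many false positives.
SSN_RE = re.compile(r"(?<![\d-])(\d{3})-(\d{2})-(\d{4})(?![\d-])")
CARD_RE = re.compile(r"(?<![\d-])(?:\d[ -]?){12,18}\d(?![\d-])")

def luhn_ok(digits):
    """Luhn checksum that valid payment card numbers satisfy."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def ssn_plausible(area, group, serial):
    """Reject number ranges that are never issued as SSNs."""
    return not (area in ("000", "666") or area.startswith("9")
                or group == "00" or serial == "0000")

def scan_text(text, validate=True):
    """Return (line_no, kind, masked_value) per hit; validate=False keeps raw matches."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), 1):
        for m in SSN_RE.finditer(line):
            if not validate or ssn_plausible(*m.groups()):
                hits.append((line_no, "ssn", "***-**-" + m.group(3)))
        for m in CARD_RE.finditer(line):
            digits = re.sub(r"\D", "", m.group())
            if not validate or luhn_ok(digits):
                hits.append((line_no, "card", "*" * (len(digits) - 4) + digits[-4:]))
    return hits

# Constructed sample text (not real data); 4111... is a well-known test card number.
SAMPLE = """\
Student record: SSN 123-45-6789
Part number 000-12-3456 in stock
Test card 4111 1111 1111 1111 exp 01/10
Order id 1234567890123456
Phone 785-532-6520
"""

if __name__ == "__main__":
    print("raw matches:", len(scan_text(SAMPLE, validate=False)))
    for hit in scan_text(SAMPLE):
        print("validated hit:", hit)
```

Hits are reported masked so the scan report does not itself become a copy of the confidential data.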

8 Preventing Recovery of Deleted Files
- Deleted files easily recovered
  - Even after you empty the Recycle Bin
- Eraser freeware tool to securely delete files (http://www.heidi.ie/eraser/)
  - Erase Recycle Bin
  - Erase a file instead of delete it
  - Erase free space on hard drive
  - Erase a USB flash drive
- Media Sanitization when disposing media

9 Record Identification Information
- Record make, model, serial number
- Take pictures of it
- Label it with ownership and contact info
  - Engrave cover
  - Tamper-proof asset tag
  - Write on it with permanent marker
  - Distinctive symbols, art
- Record network MAC addresses

10 How To Find Your MAC Address
- In Microsoft Windows XP/Vista
  - Get a Command Prompt window
  - Select Start, then Run, then type cmd.exe
  - In the command prompt window, type ipconfig /all
  - Look for the Physical Address, which is the MAC address
- For other operating systems, see http://www-dcn.fnal.gov/DCG-Docs/mac/index.html

11 MAC address

12 Tracking & Recovery Software
- If stolen, the computer contacts the company who traces it and contacts law enforcement to recover it
- Computrace LoJack for Laptops from Absolute Software (www.absolute.com) is an example
- Pre-installed in BIOS on many laptops
  - Dell
  - HP
- Have to buy the license to activate
- Costs about $30-$50 per year

13 Wireless Safety
- K-State, home, hotels, public hot spots
- Rule of thumb – FEAR WIRELESS!
- K-State information: http://www.k-state.edu/infotech/networks/wireless/
- General wireless security: http://www.onguardonline.gov/wireless.html
- Wireless terminology: http://www.onguardonline.gov/wireless.html#glossary

14 Wireless Safety
- Use encryption
  - WEP (weak)
  - WPA (strong - coming to campus soon)
  - VPN
- Don't work with sensitive data in public hot spot

15 Wireless Safety
- Securing wireless at home: http://www.k-state.edu/infotech/news/tuesday/archive/2006/10-24.html#sectip
- Use strongest encryption possible – WPA2
- Restrict access to specific computers by MAC address
- Change default settings
  - Admin password for configuration interface
  - SSID
- Do not broadcast SSID

16 Default SSID; No Encryption

17 Default SSID; Strong Encryption; Weak Encryption (WEP)

20 Virtual Private Network (VPN)
- Encrypts all network traffic between your computer and the K-State border
- Makes your computer appear to be on campus to get access to restricted resources
- Does NOT necessarily encrypt everything that goes to the Internet (split tunneling)
- Also does not encrypt traffic on campus

22 Virtual Private Network (VPN)
- Must install VPN Client software
- Information and software available at: http://www.k-state.edu/infotech/networks/vpn/
- Cannot use it on campus yet (to secure your wireless, for example); will be able to soon.
- If can get to Internet but not K-State, modify the Transport configuration:
  - Enable Transparent Tunneling
  - IPSec over TCP

23 Disconnected; Connected

24 USB Flash Drive Security
- No confidential data!
- Too easy to lose, easy target of theft
- Don't use it as a backup device
- Erase files so they aren't recoverable
- Encrypt files on it with TrueCrypt
- Or: encrypted USB flash drives
  - Ironkey very popular - https://www.ironkey.com/
  - View demo?

25 More Information…
- K-State's Mobile Device Security Guidelines: http://www.k-state.edu/infotech/security/mobile.html

26 What's on your mind?

