What is at risk?
Only you can determine what is actually at risk. If a thief steals your laptop or mobile device, the most obvious loss is the machine itself. However, if the thief is able to access the information on the computer or mobile device, all of the information stored on the device is at risk, as well as any additional information that could be accessed as a result of the data stored on the device itself.
Sensitive corporate information or customer account information should not be accessed by unauthorized people. You’ve probably heard news stories about organizations panicking because laptops with confidential information on them have been lost or stolen. But even if there isn’t any sensitive corporate information on your laptop or mobile device, think of the other information at risk: information about appointments, passwords, email addresses and other contact information, personal information for online accounts, etc.
How can you protect your laptop or internet-enabled device?
- Password-protect your computer: Make sure that you have to enter a password to log in to your computer or mobile device (see Choosing and Protecting Passwords for more information).
- Keep your valuables with you at all times: When traveling, keep your device with you. Meal times are optimum times for thieves to check hotel rooms for unattended laptops. If you are attending a conference or trade show, be especially wary—these venues offer thieves a wider selection of devices that are likely to contain sensitive information, and the conference sessions offer more opportunities for thieves to access guest rooms.
- Downplay your laptop or mobile device: There is no need to advertise to thieves that you have a laptop or mobile device. Avoid using your device in public areas, and consider non-traditional bags for carrying your laptop.
- Be aware of your surroundings: If you do use your laptop or mobile device in a public area, pay attention to people around you. Take precautions to shield yourself from “shoulder surfers”—make sure that no one can see you type your passwords or see any sensitive information on your screen.
- Consider an alarm or lock: Many companies sell alarms or locks that you can use to protect or secure your laptop. If you travel often or will be in a heavily populated area, you may want to consider investing in an alarm for your laptop bag or a lock to secure your laptop to a piece of furniture.
- Back up your files: If your mobile device is stolen, it’s bad enough that someone else may be able to access your information. To avoid losing all of the information, make backups of important information and store the backups in a separate location (see Good Security Habits for more information). Not only will you still be able to access the information, but you’ll be able to identify and report exactly what information is at risk.
What can you do if your laptop or mobile device is lost or stolen?
Report the loss or theft to the appropriate authorities. These parties may include representatives from law enforcement agencies, as well as hotel or conference staff. If your device contained sensitive corporate or customer account information, immediately report the loss or theft to your organization so that they can act quickly.
Mindi McDowell through US Computer Emergency Readiness Team (US-CERT)