Laptop and Mobile Equipment Security
Mobile equipment (laptops, cell phones, PDAs, etc.) is removable media equipment that stores data (floppy disks, thumb drives, CDs, zip disks, tape cartridges and other similar types of storage). The easy to handle equipment and peripherals can be stolen or compromised if you leave them unprotected.
Mobile equipment is easy to use and an great way to keep in touch, however there are security risks. Here are some ways to protect your investment (including your data).
Secure your data
- Password protect with a complex password
- Encrypt your files
- Consider biometrics
- Handle mobile media (flash drives, CD back-ups, Zip cartridges) with care
Get physical
- Purchase tracking software in case your laptop gets stolen (Cyber Angel software available on the university's Software Portal).
- Lock your laptop to a desk or other object when you put it down, or keep it beside you when your moving...and out of sight when you can.
- Register your laptop with the manufacturer (to provide proof of ownership if stolen).
- Lock your laptop inside a cabinet or safe at home, or in a drawer or closet in your dorm room.
- When traveling, move your laptop to the trunk or another location where it can't be seen before you arrive and park at your destination.
- Turn off Bluetooth devices to stop thieves who search for signals in parking lots and other places.
- At a hotel: put your laptop in the room safe, with the front desk, or lock it up in your luggage.
All three campus police departments offer laptop serial number etching. Some also offer laptop registration. Check the campus PD websites, or call for more information.
Wireless Security
- Set your router to encrypt
- Enable the router's MAC filtering to allow connections only from your own MAC (unique Media Access Control) addresses at home or in your room
- Enable the firewall
- Don't trust wireless cafes or other places providing wireless services
- Disable adhoc networking. Modify automatic pairing, discovery and visibility settings
Cell Phones
"Wipe" your old phone clean before discarding it or giving it away
When you're done with your old cell phone, safely delete your information or destroy the phone. Text messages, phone numbers, email addresses, pictures, etc. can be like opening your diary. Phone manufacturers usually provide instructions for safely deleting information.
As cell providers offer more services (email, web surfing, text messaging, etc.) the phones become vulnerable to the same attacks as computers, and other exploiting specific vulnerabilities.
Mobile Media
Mobile or removable media is equipment that stores data (floppy disks, thumb drives, CDs, zip disks, tape cartridges and other similar types of storage). These easy to handle peripherals can be stolen, compromised or destroyed if you leave them unprotected.
- Removeable media is easy to misplace, keep it safe
- Do not use removeable media to store private information.
- Physically shred or destroy the media to dispose of it.
Be ready and prepare for emergencies...
- Back-up your files (CD, Zip drives, flash drives, etc....keep them in a safe place away from your computer)
- Keep your original CDs available for reinstallation in case of compromise
Remember!
- Beware of emails bearing attachments. There are numerous forms of malware that have been unleashed by no more than visiting a website linked through an email.
- Do not open a link embedded in an email. They can be phishing sites.
- When discarding an old computer, wipe the drive clean. Studies have shown that it's easy to get personal information from discarded computers.
- Make sure your online bank has a zero liability policy (replacing any stolen funds as a result of identity fraud if the bank's system was breached.). Beware of email phishing attacks from banks or any financial institution providing a link and/or asking for your personal information. Phishing sites are very convincing.
Privacy
- Keep private information private. Social networks (MySpace, Face Book, etc.) are great places to keep in touch, but be sure you know who you're talking to, and keep in mind that anyone can be 'listening'. Configure your privacy expectations.
- Information you supply on websites may not be secure. Check for the https:// (rather than http://) in the URL, the 's' is for secure, or a lock in the corner, however your best bet is to go directly to a main website rather than clicking on a link within the website, especially in email. There are still numerous websites asking you to logon insecurely.