Laptop Security SIRT IT Security Roundtable - PowerPoint PPT Presentation

1
Laptop Security
SIRT IT Security Roundtable
Harvard Townsend, IT Security Officer, harv_at_ksu.edu
May 2, 2008
2
Laptops are risky business
3
Agenda
  • Physical security
  • Protection while traveling
  • Information security
  • Recording identification information
  • Tracking and Recovery software
  • Wireless security
  • Public WiFi hotspots
  • Home wireless
  • VPN service
  • Useful freeware tools demoed throughout
  • USB thumb drive security

4
Physical Security: Theft Prevention
  • Never leave an unsecured laptop unattended
  • Lock your doors (residence hall room, apt., office)
  • Lock it in a cabinet
  • Use a locking security cable
  • Room/office
  • Hotel room
  • Public locations
  • Conferences, training sessions
  • Cost $15-50, combination or key lock
  • Use strong password on all accounts

5
Traveling
  • Don't let it out of your sight when you travel
  • Be particularly watchful at airport security
    checkpoints
  • Always take it in your carry-on luggage
  • Never put it in checked luggage
  • Use a nondescript carrying case
  • Be careful when you take a nap in the airport
  • Don't leave it in view in your vehicle
  • Don't trust the trunk - remember the quick
    release lever inside the vehicle?

6
Information Security
  • DON'T store confidential data on mobile devices
  • If you must, encrypt it
  • Whole-disk encryption best
  • File or folder encryption reasonable
  • Demo: TrueCrypt (open source, Win/Linux/Mac,
    http://www.truecrypt.org)
  • Beware of managing encryption keys
  • Work with temporary copies on the laptop; keep
    original file(s) on secure server
  • Backup data regularly
  • Imaging is a lovely tool
  • Diligently manage the security of the device
    (patches, antivirus software, firewalls, etc.)

7
Finding Confidential Data
  • Don't assume you don't have any confidential data
    on your laptop
  • Spider from Cornell is useful for finding
    confidential data: http://www.cit.cornell.edu/security/tools
  • Searches files for SSNs and credit card numbers
  • Lots of false-positives but still very useful

8
Preventing Recovery of Deleted Files
  • Deleted files easily recovered
  • Even after you empty the Recycle Bin
  • Eraser: freeware tool to securely delete files
    (http://www.heidi.ie/eraser/)
  • Erase Recycle Bin
  • Erase a file instead of delete it
  • Erase free space on hard drive
  • Erase a USB flash drive
  • Media Sanitization when disposing media

9
Record Identification Information
  • Record make, model, serial number
  • Take pictures of it
  • Label it with ownership and contact info
  • Engrave cover
  • Tamper-proof asset tag
  • Write on it with permanent marker
  • Distinctive symbols, art
  • Record network MAC addresses

10
How To Find Your MAC Address In Microsoft Windows
XP/Vista
  • Get a Command Prompt window
  • Select Start, then Run, then type cmd.exe
  • In the command prompt window, type ipconfig /all
  • Look for the Physical Address, which is the MAC
    address
  • For other operating systems, see
    http://www-dcn.fnal.gov/DCG-Docs/mac/index.html

11
MAC address
12
Tracking and Recovery Software
  • If stolen, the computer contacts the company who
    traces it and contacts law enforcement to recover
    it
  • Computrace LoJack for Laptops from Absolute
    Software (www.absolute.com) is an example
  • Pre-installed in BIOS on many laptops
  • Dell
  • HP
  • Have to buy the license to activate
  • Costs about $30-50 per year

13
Wireless Safety
  • K-State, home, hotels, public hot spots
  • Rule of thumb: FEAR WIRELESS!
  • K-State information:
    http://www.k-state.edu/infotech/networks/wireless/
  • General wireless security:
    http://www.onguardonline.gov/wireless.html
  • Wireless terminology:
    http://www.onguardonline.gov/wireless.html#glossary

14
Wireless Safety
  • Use encryption
  • WEP (weak)
  • WPA (strong - coming to campus soon)
  • VPN
  • Don't work with sensitive data in a public hot spot

15
Wireless Safety
  • Securing wireless at home:
    http://www.k-state.edu/infotech/news/tuesday/archive/2006/10-24.html#sectip
  • Use strongest encryption possible: WPA2
  • Restrict access to specific computers by MAC
    address
  • Change default settings
  • Admin password for configuration interface
  • SSID
  • Do not broadcast SSID

16
Default SSID
No Encryption
17
Default SSID
Strong Encryption
Weak Encryption (WEP)
Default SSID
20
Virtual Private Network (VPN)
  • Encrypts all network traffic between your
    computer and the K-State border
  • Makes your computer appear to be on campus to get
    access to restricted resources
  • Does NOT necessarily encrypt everything that goes
    to the Internet (split tunneling)
  • Also does not encrypt traffic on campus

22
Virtual Private Network (VPN)
  • Must install VPN Client software
  • Information and software available
    at http://www.k-state.edu/infotech/networks/vpn/
  • Cannot use it on campus yet (to secure your
    wireless, for example); will be able to soon.
  • If you can get to the Internet but not K-State, modify
    the Transport configuration
  • Enable Transparent Tunneling
  • IPSec over TCP

23
Connected
Disconnected
24
USB Flash Drive Security
  • No confidential data!
  • Too easy to lose, easy target of theft
  • Don't use it as a backup device
  • Erase files so they aren't recoverable
  • Encrypt files on it with TrueCrypt or -
  • Encrypted USB flash drives
  • Ironkey very popular - https://www.ironkey.com/
  • View demo?

25
More Information
  • K-State's Mobile Device Security Guidelines
  • http://www.k-state.edu/infotech/security/mobile.html

26
What's on your mind?