Portable Computers
Portable computers are in a league of their own when it comes to security. Once you take a computer outdoors, you expose it to many more threats than it would otherwise face all safe and snug in your home. They can be easily stolen, dropped or accidentally left behind. They are also more susceptible to hackers who use wireless technology to access them or intercept data transmission. For these reasons, any sensitive personal or business information kept on portables is always at elevated risk of falling into the wrong hands, leading to things like identity theft and credit card fraud. But you can still keep your data relatively safe in public areas and networks by following the suggestions below.
Tether Your Laptop
Portable computers are expensive pieces of equipment, vulnerable to theft, and thus should not be left unattended. Yet I continually witness this in public areas where the owner momentarily leaves it to use the restroom or steps outside to make a call. When a thief decides to take your portable, it can take literally seconds for it to happen and it's out the door. To protect against physical theft, you can use a Kensington security lock for your laptop or other portable. The slot used to attach the lock is a standard feature with the vast majority of computer manufacturers, and the locks themselves can be readily attached to any immovable object such as an anchored chair or table. While these locks may not be foolproof, they make it much more difficult for the would-be thief to appropriate your portable without making himself obvious and, more importantly, serve to deter him from even making the attempt.
File Sharing and Network Discovery
When connecting to public Wi-Fi networks, make sure you connect to the right network and that it is designated a Public Network connection when prompted by your operating system. Avoid connecting to copycat networks or ad hoc networks advertising free wireless service. By default, the Public Network location setting turns off file sharing and network discovery for your computer, so you don't need to make these adjustments manually. Users of Windows XP may need to have file sharing manually turned off by navigating to the shared folder, right-clicking on it, and selecting the appropriate option from its Properties/Sharing tab. Lastly, be sure to turn off your portable's Bluetooth feature if you're not using it, or set discoverable mode to off.
Turn Off Autocomplete Passwords
The form autocomplete feature in many browsers can be a useful time saver when conducting online transactions from your home computer, but it can be risky in an environment where would-be thieves and hackers don't need to know your passwords to access your online accounts. Settings for this feature are accessible through the Internet Options/Content/Autocomplete dialogue box in Internet Explorer (Settings/Options/Passwords in Windows 8), through the Options/Security tab in Firefox, and in the Settings/Advanced Settings/Passwords and Forms section of Google Chrome.
Activate Password Protection on Wakeup
While using your portable in public, you should afford the same privacy for it as you would a workstation in a corporate office environment. Using a screensaver in conjunction with Password Protection on Wakeup will protect your displayed information in the event a curious passerby decides to investigate while you're away. Screensaver settings are accessible by right-clicking on the Windows desktop and selecting Personalize or Properties on the context menu; Password Protection on Wakeup will then be accessible via the system's power settings.
Use Encrypted Connections
Most Wi-Fi hotspots don't provide secured networks for their customers. Even with those that do offer encrypted connections, the safety of your data cannot be guaranteed because their own network security configurations may not be adequate. So it is important to ensure that web sites handling your sensitive information encrypt their connections. This will be apparent from the "https" protocol specified in the address bar of your browser, preferably with a green background and padlock image (see Browsing Safely). Verify that all session pages are encrypted, and be sure to actively log out of each session after completing your transactions.
Virtual Private Network
When using your portable to connect to public networks at airports and cafes, try using a VPN. This is especially important if you will be regularly using email, shopping, or conducting other sensitive transactions at these locations. With a VPN, all of your exchanged data is encrypted, not just those you exchange with secure websites. Windows operating systems already have built-in VPN capabilities, but you can opt for more user friendly third-party software such as CyberGhost, VPNBook, or those available as add-ons with some anti-virus software.
Full Disk Encryption
You can use disk encryption tools to protect sensitive information in the event your portable is ever lost or stolen. Disk encryption can be either hardware or software based, with full-disk hardware encryption being the most secure. Hardware encryption requires a Trusted Platform Module (TPM) to be physically attached or built-in to the motherboard, as featured in many business computers. You may want to check with your computer's manufacturer or the BIOS configuration utility to determine if a TPM is already installed, in which case it must be activated and set up before use. Some OEMs pre-install proprietary encryption utilities on systems featuring a TPM, or will make them available as downloads from their websites. Also, some higher-end disk drives and SSDs now feature built-in encryption capabilities.
Software disk encryption requires no additional hardware, but may have a noticeable impact on system performance depending on what applications you use. Ultimate versions of Windows Vista and 7, and Pro versions of Windows 8 feature BitLocker which can be used for either hardware or software encryption. You can also use a third-party software that features pre-boot authentication, such as BestCrypt (the free open source software TrueCrypt is apparently no longer supported). When using software disk encryption programs, take the time to familiarize yourself with any precautions or suggested uses by reviewing all available documentation; the data on a software encrypted drive is managed by additional control mechanisms which must be taken into account when performing tasks such as backups and OS upgrades.
Whether you use hardware or software disk encryption, be sure to set it up to use multi-factor authentication, i.e., use a pre-boot password, USB key, smart card, or a combination of these, in conjunction with the disk encryption key. Also, configure the computer to be powered off and not left in sleep mode. The data on your computer will not be secure without taking these steps.
Software disk encryption requires no additional hardware, but may have a noticeable impact on system performance depending on what applications you use. Ultimate versions of Windows Vista and 7, and Pro versions of Windows 8 feature BitLocker which can be used for either hardware or software encryption. You can also use a third-party software that features pre-boot authentication, such as BestCrypt (the free open source software TrueCrypt is apparently no longer supported). When using software disk encryption programs, take the time to familiarize yourself with any precautions or suggested uses by reviewing all available documentation; the data on a software encrypted drive is managed by additional control mechanisms which must be taken into account when performing tasks such as backups and OS upgrades.
Whether you use hardware or software disk encryption, be sure to set it up to use multi-factor authentication, i.e., use a pre-boot password, USB key, smart card, or a combination of these, in conjunction with the disk encryption key. Also, configure the computer to be powered off and not left in sleep mode. The data on your computer will not be secure without taking these steps.