In addition to routine security policies, there is also an assortment of technologies that are designed to keep data from getting into the wrong hands. The first is that all portable devices should use full disk encryption, making it harder for the data to be deciphered.
Kevin Kalinich, manager of professional risk solutions at Aon Financial Services Group, recommends using a timeout function that requires reauthentication after 30 minutes of inactivity, as well as using a BIOS password and a biometric device. He said sensitive database extracts should be logged, and its erasure should be verified within 90 days, if the data is no longer in use.
There are also several options for wiping the data from a hard drive when it does go missing. Typically these involve erasing the encryption key on the laptop after a series of failed log-ins, or in response to a command from headquarters.
Robert Siciliano, chief information officer at IDTheftSecurity.com, recommends Tri-8's mylaptopGPS service. This has three parts ' a permanent identification label to deter theft, tracking of the missing laptop to the IP address it is logged on to, and remote removal and deletion of sensitive files.
EDS is looking at using a product from Absolute Software, called LoJack for Laptops, which also traces stolen laptops over Internet connections and destroys data on command or according to policy ' for instance, if the computer hasn't connected to the agency network within a certain time period. A similar product ' SureFind ' is offered by Oakley Networks. This system can verify whether or not data on a stolen laptop has been viewed and erase any sensitive data, once the missing laptop is connected to the Internet.
SecureTrieve's SecureTrieve Pro offers similar features.
Targus Group International makes a variety of cables and other devices to lock laptops, iPods, mice and keyboards. For higher protection, its DEFCON 1 Ultra Notebook Computer Security System comes with a 95 decibel alarm that sounds when the laptop is moved.