How to Secure Your Laptop
If you use your laptop for your business or your profession, then you need to make sure your business data is kept as secure as possible.
Securing your laptop is especially important if you’re a digital nomad or if you are location independent.
Get a Lock For Your Laptop
The first thing you need to do is use a good laptop lock. I know these locks aren’t infallible; a determined thief can still cut through them with strong enough cutters, but they will at least deter opportunistic thefts.
But you need to do more than this. You need to prevent unauthorized access to your laptop and protect the data contained on it.
As in real life, it’s possible for a determined thief to crack even the most secure safe or break and enter into the most highly secured building. But the more difficult you make it, the less chance there is of this happening.
The best way therefore to approach computer security is to consider it as a series of hurdles that you set up to deter intruders and thieves.
There are a number of things you can do. What follows below is the procedure I use for my own laptop.
Secure the BIOS
Set the BIOS password on your laptop. The BIOS (Basic Input Output System) is the lowest level part of the computer.
The BIOS is the first thing that flashes up on the screen when you switch it on. Usually it’s accessed by pressing one of the function keys. Exactly which function key varies from laptop to laptop.
You need to check the messages that appear at the very beginning when you power up your laptop to find out which key you need to press to get access to the BIOS on your particular laptop.
If you set the BIOS boot-up password, then no-one will be able to start Windows, Linux or whatever operating system you have installed on your laptop without first entering this password correctly.
You should also disable external booting in your BIOS system. This will prevent people from getting round your security by trying to install a fresh version of Windows or Linux.
Just make sure you know what you set your BIOS password to – and don’t forget it either. Without this no-one can access your laptop, including you. There are ways round this, but they involve resetting the BIOS chip one way or another, which involves a lot of hassle.
Secure Access to the Operating System
So, having secured the BIOS, the next thing you should do is to secure the access to your operating system.
Be it Windows or Linux, you should make sure you have set a user password as well as an administrator or root password. Anyone trying to start up Windows or Linux will then first have to enter the appropriate password.
Again: don’t forget what you entered for the password or you’ll find yourself locked out as well and things can get complicated.
Install a Device-Tracking System
Next you should install a software program called Prey.
This is a small piece of software known as a device tracker. It sits on your computer waiting to be activated by you by remote control if your laptop is stolen. You wake up Prey by sending a message via the web or by SMS.
Prey then responds by sending you the information about where the laptop is currently located (provided the thief connects the laptop to the Internet – which most of them do sooner or later).
All this happens without the thief knowing. You can then use the information to assist in taking action to recover the laptop.
Prey is available in both free as well as paid-for versions with more functionality. You need to make sure you install it on every operating system on your laptop. So if like me your laptop runs both Windows and Linux, then you need to install it on both.
Read the installation instructions carefully at the Prey site first at preyproject.com
Bear in mind though that Prey will only be able to do its work if the thief is able to get past your Windows or Linux user/root passwords to actually start the system.
Install a Data Encryption Program
Now you need to think about your data. If your laptop gets stolen, then a thief would have access to whatever you have stored on your hard drive. Credit card and bank details, other financial and business information, passwords etc. So you need to make sure this data is secure.
The best way to do this is to use a data encryption program. There are a number of such programs out there, but the best one is a freely available Open Source system called Truecrypt. It’s available for both Windows and Linux.
Truecrypt allows you to encrypt your data – both individual folders or directories as well as whole disk partitions. Even if you access your data both from Windows and Linux using a common data partition you can still encrypt it with Truecrypt.
It can also encrypt external USB drives and USB flash thumb drives. You can also use Truecrypt to hide a partition or folder from public view. Don’t forget to encrypt external USB drives – they are even easier than laptops to steal.
Truecrypt is a little complicated at first and the website is a bit on the geeky side and old fashioned in style, but the program is well worth it.
Check out the official website at www.truecrypt.org
Backup Your Data in the Cloud
Keep a backup of your important data in the cloud at all times.
There are now a whole heap of cloud storage systems. Many of these provide a couple of gigabytes worth of data free of charge.
They vary in ease of use, but the most widely known ones right now are Amazon S3 and Clouddrive, iDrive, Dropbox, Mozy, Carbonite and SugarSync. Most of these give you a couple of GB at least free of charge. Clouddrive currently ofer 5GB free, Dropbox only 2GB.
There’s also a cloud system called Symform which is worth taking a look at.
Symform is a different system to all the others because it uses a distributed cloud system. Data is encrypted and stored throughout participating computers throughout the Symform system. This gives you a higher level of reliability rather like a RAID system because you are not dependent on one single server.
Symform offers 10GB of storage free of charge. You can add to the storage using your own machine and receive cloud storage in return. You can also purchase additional cloud storage.
Amazon S3 is practically the quasi industry standard for cloud storage. It has a good reputation for reliability. Amazon S3 doesn’t itself provide free storage, you pay on a monthly basis for the storage that you use, but there is no limit and the fees are reasonable.
Amazon S3’s user interface isn’t the easiest to use. The service is targeted primarily at the commercial business to business sector and professional IT users rather than the consumer or domestic user market.
However, you can use Amazon’s Clouddrive service, which is web-based and easy to use and which provides 5 GB free of chrage.
You should use at least two different providers for your most important data, in case of any problems with data loss or access with the one or the other. Even if nothing else, there’s also always the possibility that one or the other could one day go bust and go out of business.
For myself I currently use Amazon S3, Dropbox, and Symform.
A Warning About USB Thumb Drives
Finally, a word about USB thumb drives.
These are neat little devices, a great invention for transferring data from one computer to another when they aren’t networked. But whilst their small size is an advantage, it’s also their biggest disadvantage. USB thumb drives are all too easy to lose, go astray or get stolen.
For that reason I don’t put valuable business or personal data on a USB thumb drive.
In any case I can’t see the point. The cloud is safer than a USB thumb drive can ever be. It’s possible to encrypt a USB thumb drive using Truecrypt. But in practice it’s a complex matter eg it requires you to have root or admin access to the PC or laptop you want to connect up the USB thumb drive to. This isn’t always possible to guarantee in practice.
The best advice in my opinion is not to use USB thumb drives for storing or backing up important data. Always use the cloud and your encrypted hard drive.
If you implement the measures I described above, then you’ll be doing more to secure your laptop and it’s data than many corporate computer users out there. In my experience a lot of them don’t take the trouble to configure anywhere near that level of security for their laptops and their data.
Good luck – and keep your laptop and your business data secure!
Image Attribution: Pixabay.com – Free for commercial use, no attribution required.