These are words no IT manager ever wants to hear. Beyond the embarrassment, there is the danger of seriously bad publicity, damage to brand equity and legal liability. Losing even a single mobile computer loaded with sensitive information could kill an otherwise thriving business.
The good news is that current technologies and best practices can lower the risk dramatically when mobile computers are lost or stolen.
The first step is to recognize that a lost or stolen mobile device is a data management problem, not a physical-asset inventory problem. A laptop or any other computer is just a container. It's the information on the machine that can hurt you if it falls into the wrong hands. Mitigating the risks involves proactively managing and protecting sensitive information from unauthorized access or disclosure before that asset goes missing.
IT managers traditionally have faced three hurdles in protecting sensitive information on fixed and mobile devices.
• Lack of real-time visibility into the configurations and kinds of information on individual assets. The majority of organizations don't have the foggiest idea about what information is on these devices, much less how well it is protected. This means that anytime a mobile device disappears, IT managers have to assume the worst and warn stakeholders of the maximum potential harm.
• Inability to set and enforce information management policies for individual assets. There are a number of actions managers should take to protect information on mobile assets. These include encrypting data; building in strong user-access controls; blocking data transfer from secure to nonsecure devices (such as USB drives); and keeping antivirus, antispyware and anti-intrusion software up to date.
• Inability to manage information on assets intermittently connected to enterprise networks, that is, laptops and other mobile computers. Too many management tools have a blind spot when it comes to mobile systems. Either they ignore such systems entirely or access them only when hard-connected to enterprise networks. Needless to say, there is ample opportunity for roaming mobile systems to drift out of policy compliance.