|
|
|
|
| Appendix E - Laptop PC Security | ||
| 1. Introduction | 2. Policy Statement | 3. Standards | 4. User Considerations | 5. Responsibilities | |
This Policy and its Standards are developed to offer sound security practices to prevent losses of laptops and the sensitive information on Company laptops.
Company-owned laptops must be secured at all times to prevent loss of the computer and the sensitive information contained within.
Don't leave your laptop in an office or on a desktop when leaving for the day. Take the unit with you or secure it in a lockable drawer out of sight, and always take the key with you - thieves look for keys in drawers, pen cups, under keyboards, etc.
If you don't normally take your laptop home with you, at least take it home with you over weekends, as theft seems more common then.
Do not carry IDs or passwords with your laptop. If you need to write them down, carry them separately from the laptop with no reference to how they are used.
Never leave your laptop inside your vehicle when you go to a meeting. Place it in the trunk out of sight or take it with you.
Do not leave your laptop in extreme hot or cold temperatures. The laptop has sensitive components that can be damaged.
When going through airport security, wait until just before you step through the metal detector to place your computer on the belt for x-ray. Don't allow others to step in front of you. This is a scheme used by teams to pick up laptops.
Keep your laptop with you in the lobby when you are checking into a hotel. Place the case on the floor between your legs, or step on the strap with your foot. Don't get distracted by strangers making conversation.
Don't leave your laptop in your hotel room out in the open. Take it with you when you leave, if possible, or conceal it inside your luggage bag or at the front desk in a safe deposit box.
Report the loss of any laptop immediately to the Corporate Help Desk and the local police. Keep a record of the unit serial number. This information can be quickly entered into the police database and improve the chances for the unit to be recovered in the future. This will also allow access to any corporate networks to be quickly removed.
Update your virus protection software at least once a week if you do not connect your laptop to the corporate network at a TruServ office regularly. Viruses can damage or destroy the sensitive corporate information on your laptop.
Routinely back up your data files to a network drive, CD or diskette. If you have not backed up your data and the laptop is lost, stolen or damaged or your files are damaged, you will lose your hard work and sensitive corporate information.
Sensitive data should be stored on your personal or department shared drive, not on your laptop hard drive. This reduces the risk of sensitive information disclosure.
Users are required to secure and care for their laptops in accordance with these standards.
|
|
|
|