This month’s Security Management column by Steve Riley is about physical security and boy, don’t I know about this one from a personal level due to the recent burglary at the office.

 The Case of the Stolen Laptop: Mitigating the Threats of Equipment Theft — TechNet Column – Security Management – February 2005:

Personally I use pgpdrive on my laptop but the concept is the same….protect the data that is most “movable“.

Also a very public thank you to Dr. Jesper Johansson… who taught me that having the local admin password match the domain controller admin password was very dumb and so when I set up my new network I purposely mismatched admin passwords.  When the “snatch and grab” of a workstation occurred at my office a few weeks back, I knew that someone didn’t have access to the domain admins password.

For us beancounters, and for your clients, identifiy your most critical data that you have a regulatory requirement to protect and put the most effort in protecting that.  When I’m traveling and I’ve got a client’s Quickbooks data, there’s too much crtical data in there and thus I drop it inside the pgpdrive.


Comments are closed.