Understanding Laptop Data Protection
1. About the White Paper
The objective of this White Paper is to make the Laptop users aware of possible threats of data theft that may arise due to the use of various new devices like USB flash drives, Mobile Phones, Internet, Wireless network, CD/DVD etc. and to provide you with necessary guidelines to make you better equipped against data theft, occurring at an increasing rate worldwide!
Laptop is a personal computer designed for mobile use, and are becoming more popular for general as well as corporate uses. Which means you can’t choose to keep your Laptop out of network connection, you can’t Block USB storage devices to access your Laptop in your work or home environment, if this is the only option left, it creates a big issue for data theft from your Laptop as you would read about in subsequent sections of this white paper.
According to Privacy Rights Clearing house, an astonishing figure of more than 350 million numbers of records containing sensitive personal information were involved in security breaches only in the U.S. since January 2005. Nevertheless, it can be assumed that a very large number of data breach took place around the world during the same period.
2. Potential Increase in Data Theft due to Increasing Number of Laptop Users
Researches predicts a dramatic growth in PCs, particularly in emerging markets, with a worldwide compound annual growth rate of more than 12 percent between 2003 and 2015.
Initially, Laptops were considered mostly for specialized field applications such as the military, accountants and sales representatives. However, today, Laptops are becoming more popular for students, engineers, doctors, and professionals for their general as well technical uses. The analyst firms attributes this boom to lower prices and growing demand as the world population becomes technology-aware.
Yet another reason for booming Laptop user growth is the portability of the device, more and more users are following work from home culture.
In the IDC’s forecast reports about the PC market, there appears a significant increase in Laptop use than Desktop PC’s, and the ratio of Laptop to desktop PC users is expected to go above 50 % in the years to come.
3. Know the Open doors of your laptop
So, how could one lose confidential and personal information from a laptop. Here are some of the most critical ones explained:-
a. Internet Applications
In case of use of Internet applications like file sharing, chat, VoIP, P2P, email clients, any unauthorized access or use of these applications on your Laptop by a second person will provide the user an open window to transfer various confidential and private files over the network.
b. Internet Portals, Social Networks and Games
Some of the websites could be really nasty for your laptop’s data security. If your antivirus do not know whether a website you were visiting last night has injected worms in your system, you have got to be really careful about using your credit card number, SSN etc before you are sure that everything is fine. There have been multiple cases worldwide of identity breach and financial theft through automated worms and viruses.
Social networks, online gaming, online dating etc are becoming increasing addictive and lot of people are getting more and more obsessed with online activities through websites and internet portal. Some of these portals asks you to install missing plug-ins or upgrading your flash player. Sometime they will be genuine, but, other time they could just be trying to get into your system. This might be difficult for even the anti-viruses to detect because these installations are user consented.
c. USB Drives, CD-DVD and Printers
Anyone having unauthorized access to your laptop may copy files through CD/DVDs, USB Drives, Memory Cards, etc. and might also print confidential information through the printers connected to your PC.
Lets take a test case of data theft through USB drives, Suppose you were working in your office environment, and one of your colleague asks to use his storage device to copy some of the project files on your Laptop. During this process, accidentally or intentionally, your colleague copies some personal files from your Laptop. Do you have any means to stop that or track it ?,
If not, you might become a victim of Identity Theft and the worst part, you might not know about it for quite a long time.
d. Wireless
Bluetooth, Infrared, or Wi-Fi are really great technologies and we love to use them. But, there is one bit you should know. If you are not a tech geek about computers, the default setting on your laptop might connect you automatically to some of these public wireless hot-spots and you might not notice at all.
From that point onwards, your laptop might become a part of an unsafe network because others in the same network can connect to you directly. I would just wish, you don’t get any black hats our there. So, before putting information like passwords, bank accounts details, credit cards numbers, social security numbers etc at risk double check about the credibility of the connection you are using while you connect to any public Wi-Fi.
e. Stolen Laptop or Media
Losing your laptop can be really worrying. You know all the reasons why and breaking into a laptop even if its password protected is not a rocket science.
4. How to secure your laptop’s data ?
You should look into two area while managing the security and protection of your laptop; physical security to prevent it from any physical loss or theft and software security of your data by installing the basic programs to secure the data.
Here are some of the basic things you can do to secure your laptop physically,
i. Get custom Engraving done on the Laptop
ii. Get your Laptop registered with your manufacturer
iii. Use a Cable Lock
iv. Use a Chain/Cable Lock while in Car
v. Use a Docking Station
vi. Get a Laptop with biometric identification
Ways to prevent any breach in the Laptops internal security using softwares:-
i. Get a secure Operating System with the Latest Updates
ii. Always use the NTFS file system on windows
iii. Disable Guest Account if not used on windows
iv. Disable Administrative Shares and all default shares on windows
v. Disable the IR Port if any and not used. You can enable it whenever required
vi. Switch on the Bluetooth Port only when required
vii. Always install a good Antivirus and Antispyware in your Laptop
viii. Always use firewalls for Wired and Wireless Connections
ix. Store your important files and documents in a single place and keep them encrypted
x. Implement more control over removable Storage Devices and CD/DVD Drives
xi. Be careful when connecting to a new Wireless Network
xii. Use firewalls effectively on USB Modems which you use to access Internet
xiii. Lock your Laptop whenever you are away
xiv. Always keep backup of your files in another central computer or server or external Hard Disk
xv. If you want a bit more security,keep a good BIOS password
5. About Dataresolve
Dataresolve is an endpoint security company. The company builds data security and endpoint security solutions. They have over 20,000 installation base worldwide with customer spread across 14 countries worldwide.
Kolkata Branch
Dataresolve Technologies Pvt. Ltd.
Salt Lake City
DL-141, Sector-II
Kolkata – 700091
West Bengal
Phone: 033-4061-1241
Fax:033-4061-1242
General Enquiry
Email: info@dataresolve.com
Online Sales
Email: sales@dataresolve.com
Channel Partners\Affiliates\Resellers
Email: partners@dataresolve.com
6. References
a. http://datalossdb.org/
b. http://www.privacyrights.org/
c. http://www.techworld.com/
d. http://www.forrester.com
e. http://www.idc.com/
f. http://blog.dataresolve.com/
Endpoint Protection with uHook Enterprise v 2.0
With USB becoming almost universal as every desktop and laptop today has more than one USB ports. These ports can then be connected to a large number of other devices to copy, print and share data.
This white paper explains how you can use the enterprise version of uHook to solve the problem of data loss through portable media devices but, at the same time not disturbing your own advantage of using USB ports for your business efficiency and productivity.
uHook Enterprise is an endpoint device control product for windows, which helps you control and manage the access of removable media devices on thousands of PCs in your business network distributed over the globe from one single place!
uHook Enterprise is meant for organizations with a big network infrastructure, where it is not possible to track who is copying what or who has got access to critical files and data.
Here are some of the benefits you can achieve with this product
 |
Control and monitor device access activities at different location of the globe sitting in one place |
|
Protect your data and prevent malicious users with strong ACTIVE EPS technology |
|
Scale up to thousands of machines within a very short time |
|
No complex deployments and server installations are required |
|
Unlimited storage of reports and policies |
|
Get instant email alerts of malicious activities |
|
256-Bit SSL encrypted access to web based management console |
|
Optional SaaS based server control |
|
On demand agent deployment – pay as you grow |
|
No need for dedicated server or appliance installation in house |
|
Manage physically located offices from one single admin console |
|
Block viruses, spyware, trojans, rootkits and malware from infecting your computers from alien portable stoarge devices |
|
Regular updates of server and agents so that you stay secure and updated |
SaaS based End Point Security with uHook Enterprise V 2.0
With amazing success of the first version of uHook Enterprise, we have recently released a beta version of the product which is based on SaaS model. What this means is that, now you don’t have to maintain a dedicated server for handling device policies or storing reports, you can scale up the installations on demand, this gives you an advantage of controlling multiple offices of a company located at different physical locations of the globe from one single Admin console and this model offers you a cost reduction of 30% in deploying an end point security solution in your office.
Beta signups are already available on the company’s website, which soon would be updated to full version for regular business use. Click here to try the Beta version of the product.
According to an article published by searchsecurity,
“This model allows a company to reduce capital expenditures, scales up or add new networks under end point security protection on demand, and frees up the IT team from getting involved into huge amount of efforts required to maintain the server . The most compelling aspects of SaaS is its lower Total Cost of Ownership (TCO). According to McKinsey & Company, companies realise a 30% lower TCO when using a SaaS-based solution instead of an on premise solution. This value comes from several sources: reduced deployment time, no supporting infrastructure, no application testing, lower training requirements, no ongoing business process change management, all costs are visible in the service fee (no need to aggregate power and data center costs, licenses, pro rata allocations of infrastructure costs, etc …), and no unscheduled downtime.”
About the Product
uHook enterprise is a state of art DLP product for computer networks having enterprise data distributed in a WAN (Wide Area Network). uHook uses its ACTIVE EPS (End Point Security) technology, which was used in the first personal version of the award winning product, uHook Personal..
What is Active EPS?
ACTIVE EPS is the name give to the core DLP engine in the agents which helps uhook detect and block any kind of malicious device which can be used to steal data. Besides, having its unique detection mechanism uHook Enterprise agents uses very low memory footprint, supports almost all windows versions including Vista and Windows 7 and interestingly communicates with the server without opening any port on your system making it less vulnerable unlike other desktop based application which communicates in the network. The product is based on both SaaS and non SaaS versions, which offer you limitless possibilities like controlling multiple office from one single admin console accessible from anywhere in the world, having unlimited capacity of storing your reports as long as you want and allowing you to scale up the control to over 2000 PCs with one single server license of uHook Enterprise.
Business Benefits:-
- Control and monitor device access activities at different location of the globe sitting in one place
- Protect your data and prevent malicious users with strong ACTIVE EPS technology
- Scale up to thousands of machines within a very short time
- No complex deployments and server installations are required
- Unlimited storage of reports and policies
- Regular updates of server and agents
Features:-
- Easy to use device control over network
- No port is opened on the agent thereby reducing the risk of other vulnerabilities
- Password protected uninstall of the agents
- Fast workflow of device control and policy implementation
- Both SaaS based as well Dedicated Server support
- SSL secured access of admin console
- 128 bit encryption is used for client server communication
- ACTIVE EPS technology ensures identification of a device uniquely out of millions of devices
- Unlimited backup & storage of reports and policies
- Regular updates of agents and servers
- Flexible reporting
- Email alerts and warnings of malicious activities on the end points
