What do you do to protect company-confidential data on laptops?

Solution 1:

We use TrueCrypt. For laptops we insist on a BIOS password as well.

Solution 2:

Whole disk encryption.

There are quite a few methods for doing this.

I've personally used TrueCrypt, but there are many more options on this Wikipedia page.

I also used to work for an accounting company that rolled out PointSec (now Check Point). Their solution seemed far more complete than TrueCrypt, but of course, that comes at a price.

Solution 3:

I've used a product called SafeGuard Easy from Utimaco. You couldn't boot the laptop w/o first entering a password. It also encrypted the entire drive. If someone tried hacking the password, it progressively increased the timeout between attempts (something like 3X the timeout each attempt, so it would have a crazy-long delay even after only a few incorrect attempts). It had some nice tools for remotely allowing a log-in via a generated key if someone got locked out, and it let you set an expiration policy on users.

They had some command line tools so you could push down these changes inside of a config file, which was nice since we could automate that through the primary application they ran on the notebook. If the notebook went missing, we knew the user/password would be expiring within a week, so (even if they knew the password) they'd eventually be locked out.