This article can also be found in the Premium Editorial Download "Storage magazine: Top 15 Storage hardware and software Products of the Year 2006."
Download it now to read this article plus other related content.
Along with backup and encryption, managers need to address access control and authentication. The OMB now requires users intending to access government data remotely to use two-factor access control where one of the factors is provided by a device separate from the computer gaining access. It also wants users to log all extracts of sensitive data they download to their laptops.
"Everybody uses access controls, but they are easily broken," says Gartner's Litan. "It is easy to break a Windows password. You need at least two-factor authentication."
For example, Diamond Management & Technology Consultants uses biometric authentication to provide access to laptops. "We then link the biometric authentication to the password for operating system and hard drive security," says the firm's Curran. Should the laptop be lost or stolen, no one would be able to authenticate to gain access to the hard drive or data at any level.
Despite what encryption advocates say, there's no single approach to protecting data on laptops. "It's the belt and suspenders thing. You will need to use several approaches," says Moss at Black Hat, who uses PGP, WinMagic and other technologies to protect his firm's laptops. The alternative: Don't keep data you're not willing to lose on the laptop.
This was first published in February 2007