This has been a big issue even before the recent theft of a VA employee's laptop containing the personal information of 26 million people. Laptops, because they're mobile and used in public places, are susceptible to theft.
The best solution is to make a stolen laptop unusable by encrypting the laptop's hard drive. This makes it impossible to read or retrieve all laptop data, whether sensitive or not. Even if the hard drive is removed from the machine and reinstalled in another laptop, desktop or even test bed, the data still cannot be recovered.
A popular tool is SafeBoot N.V.'s Device Encryption, designed specifically for laptops and other mobile devices. The product is part of the company's suite of data encryption tools for various IT devices, including USB keys.
The nice thing about SafeBoot is that it requires a user ID and password before the operating system even loads. This protects users from the age-old trick of using a Linux boot disk, like Knoppix, to bypass the operating system log on credentials and access the machine.
If you require more than a user ID and password, SafeBoot can also be configured to synch with one-time password (OTP) tokens, biometrics devices or a PKI system. The tool uses RC5 and 256-bit AES encryption, and it encrypts data behind the scenes while the user is working on the laptop. This happens transparently and without affecting performance.
PGP Corp. also offers Whole Disk Encryption for Professionals, a similar product that seamlessly encrypts a laptop's or other mobile device's entire hard disk. Another popular tool is Encryption Anywhere from GuardianEdge Technologies Inc. There's also SecureDoc from WinMagic Inc., designed for Windows systems and the open source TrueCrypt that runs on both Windows and Linux platforms.
Dig Deeper on Two-Factor and Multifactor Authentication Strategies
Related Q&A from Joel Dubin, past SearchSecurity.com expert
The security of RFID chips and smart cards may not be fully mature, but there are best practices to keep facilities safe. Identity and access ...continue reading
Picture passwords for mobile device security aren't a new idea, but they have been recently improved. Identity and access management expert Joel ...continue reading
Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.