By Adesh Rampat Mobile computers are a security nightmare. They can be lost or stolen easily, and then their data is available to whoever happens to pick them up. Worse, they might have an installed connection, such as a VPN, right into your corporate network. Here are some ideas that will help plug that security hole. Got a Windows security tip of your own? Why not send it in? We'll post it on our Web site, and enter you in our tips contest for some neat prizes.
You may have some mobile Win2k users who need a higher degree of data protection than their non-mobile counterparts. Whether applied by the user or an administrator, here are some major security features that can be applied to protect data on a mobile computer. Apply NTFS permissions
Data security on a mobile computer can be enhanced through the use of NTFS permissions, which allow/restrict access to files/folders on the installed hard drive. When applying permissions, however, be careful about granting permissions to group everyone. User accounts
Make sure that mobile computers only have one user account (excluding the administrator and guest accounts). The fewer people who have access to the information on the mobile computer, the better. Also, the Windows 2000 username should not be the name of the current user; it should be some other name that isn't easily guessed. For example, instead of John Doe, try jdoe5521 or doej2155. These are fairly easily doped out, but not as easily as johndoe. Rename the administrator account
Rename or disable the guest account
The only time anyone should use the administrator account is when performing administrative tasks such as software installations. If the current user needs to grant temporary access to another user, then log on as administrator, and create a temporary account for the new user. Be mindful of the permissions granted in this case, and remove the account as soon as possible. Encrypted file system
An excellent security feature that can be used in the protection of data is Windows 2000 encrypted file system. File encryption prevents data from easily being available to an unauthorized user. Here's how to encrypt the contents of a folder:
Service pack updates can play a major role in data security when used in conjunction with the above-mentioned security procedures. Visit Microsoft's Web site periodically for any new service pack updates. If your notebook users are remote from your location, then you should establish a notification procedure to remind them to get new service packs/updates. About the author:
Adesh Rampat has 10 years of experience with network and IT administration. He is a member of the Association of Internet Professionals, the Institute for Network Professionals and the International Webmasters Association. He has also lectured extensively on a variety of topics.
Related book Maximum Windows 2000 Security
Author: A Anonymous
Online Price: $49.99
Publisher Name: SAMS Publishing
Date published: Oct. 2000
Written by the same anonymous hacker who wrote the best-selling books "Maximum Security" and "Maximum Linux Security," this Windows-focused edition reveals the holes and weaknesses that compromise Windows 2000 security and how to fix them. It teaches practical, pre-emptive countermeasures against tricks and techniques employed by hackers.
This was first published in September 2001