Even small organizations should have some sort of encrypted connection between laptops and the office server. Ideally, this would be some sort of VPN connection, either IPsec or SSL. Since you only have eight users -- a small network indeed -- even these traditional VPN products might be too costly and involved.
Even a simple IPsec network from Cisco Systems Inc., for example, would have to run through a dedicated server or router, which might be more than a company can spare. Even though SSL VPNs, like Citrix, are Web-based and require only a browser to access the network, there's still some overhead in configuring them on a network. Products like those from vendors Aventail and Juniper Networks Inc. will require the installation of additional hardware on a small network.
But there's still hope for the small user. One alternative is GoToMyPC, an online-based SSL VPN using Citrix technology. Another similar service, LogMeIn, uses a laptop's existing firewall and requires little additional configuration. It can also mesh with two-factor authentication like RSA Security's SecurID, a one-time password (OTP) token, for additional security. Both products offer corporate accounts for business users.
Another option to consider is SSL-Explorer from 3SP Ltd., which offers an SSL VPN that doesn't require dedicated hardware. It can be installed on existing hardware and, like LogMeIn, can work with two-factor authentication.
On the physical side, laptops should be locked at all times when out of the office. The DEFCON SCL cable lock from Targus is designed for laptops, and can loop around the leg of a table at any coffee shop or airport lounge.
Finally, use common sense when carrying laptops around. Put them in non-descript briefcases without company logos so they can't be easily identified, and keep them in your possession at all times.
Dig Deeper on VPN security
Related Q&A from Joel Dubin
After a server room door has been compromised, finding a more secure solution is of utmost importance. Learn how to choose a server room door that ... Continue Reading
In the IAM world, what's the difference between access control and identity management. This IAM expert response explains how the two relate as well ... Continue Reading
When working with PeopleSoft and Unix, which single sign-on (SSO) vendors offer the most effective products? Learn how to choose an SSO product in ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.