Even small organizations should have some sort of encrypted connection between laptops and the office server. Ideally, this would be some sort of VPN connection, either IPsec or SSL. Since you only have eight users -- a small network indeed -- even these traditional VPN products might be too costly and involved.
Even a simple IPsec network from Cisco Systems Inc., for example, would have to run through a dedicated server or router, which might be more than a company can spare. Even though SSL VPNs, like Citrix, are Web-based and require only a browser to access the network, there's still some overhead in configuring them on a network. Products like those from vendors Aventail and Juniper Networks Inc. will require the installation of additional hardware on a small network.
But there's still hope for the small user. One alternative is GoToMyPC, an online-based SSL VPN using Citrix technology. Another similar service, LogMeIn, uses a laptop's existing firewall and requires little additional configuration. It can also mesh with two-factor authentication like RSA Security's SecurID, a one-time password (OTP) token, for additional security. Both products offer corporate accounts for business users.
Another option to consider is SSL-Explorer from 3SP Ltd., which offers an SSL VPN that doesn't require dedicated hardware. It can be installed on existing hardware and, like LogMeIn, can work with two-factor authentication.
On the physical side, laptops should be locked at all times when out of the office. The DEFCON SCL cable lock from Targus is designed for laptops, and can loop around the leg of a table at any coffee shop or airport lounge.
Finally, use common sense when carrying laptops around. Put them in non-descript briefcases without company logos so they can't be easily identified, and keep them in your possession at all times.
Dig Deeper on VPN security
Related Q&A from Joel Dubin
Learn about the purpose of CAPTCHA challenges that enable websites to differentiate bots from authentic users to stop spammers from hijacking forums ... Continue Reading
Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good ... Continue Reading
After a server room door has been compromised, finding a more secure solution is of utmost importance. Learn how to choose a server room door that ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.