Problem solve Get help with specific problems with your technologies, process and projects.

Securing the mobile PC -- Windows 2000 style

Here are some ideas for securing a laptop operating Win2k.

Securing the mobile PC -- Windows 2000 style
By Adesh Rampat

Mobile computers are a security nightmare. They can be lost or stolen easily, and then their data is available to whoever happens to pick them up. Worse, they might have an installed connection, such as a VPN, right into your corporate network. Here are some ideas that will help plug that security hole.

Got a Windows security tip of your own? Why not send it in? We'll post it on our Web site, and enter you in our tips contest for some neat prizes. Submit your tip today.

You may have some mobile Win2k users who need a higher degree of data protection than their non-mobile counterparts. Whether applied by the user or an administrator, here are some major security features that can be applied to protect data on a mobile computer.

Apply NTFS permissions
Data security on a mobile computer can be enhanced through the use of NTFS permissions, which allow/restrict access to files/folders on the installed hard drive. When applying permissions, however, be careful about granting permissions to group everyone.

User accounts
Make sure that mobile computers only have one user account (excluding the administrator and guest accounts). The fewer people who have access to the information on the mobile computer, the better.

Also, the Windows 2000 username should not be the name of the current user; it should be some other name that isn't easily guessed. For example, instead of John Doe, try jdoe5521 or doej2155. These are fairly easily doped out, but not as easily as johndoe.

Rename the administrator account
Rename or disable the guest account
The only time anyone should use the administrator account is when performing administrative tasks such as software installations. If the current user needs to grant temporary access to another user, then log on as administrator, and create a temporary account for the new user. Be mindful of the permissions granted in this case, and remove the account as soon as possible.

Encrypted file system
An excellent security feature that can be used in the protection of data is Windows 2000 encrypted file system. File encryption prevents data from easily being available to an unauthorized user. Here's how to encrypt the contents of a folder:

  • Right click the file or folder.
  • Click on Properties.
  • On the General Tab click Advanced.
  • If the "Compress Data to Save Disk Space" box is checked, clear it. Files or folders that are compressed cannot be encrypted.
  • Check the box that reads "Encrypt Contents to Secure Data"
  • Click OK to confirm

    The Windows help files contain more information on encrypting folders and files.

    Service pack updates
    Service pack updates can play a major role in data security when used in conjunction with the above-mentioned security procedures. Visit Microsoft's Web site periodically for any new service pack updates. If your notebook users are remote from your location, then you should establish a notification procedure to remind them to get new service packs/updates.

    About the author:
    Adesh Rampat has 10 years of experience with network and IT administration. He is a member of the Association of Internet Professionals, the Institute for Network Professionals and the International Webmasters Association. He has also lectured extensively on a variety of topics.

    Related book

    Maximum Windows 2000 Security
    Author: A Anonymous
    Online Price: $49.99
    Publisher Name: SAMS Publishing
    Date published: Oct. 2000
    Written by the same anonymous hacker who wrote the best-selling books "Maximum Security" and "Maximum Linux Security," this Windows-focused edition reveals the holes and weaknesses that compromise Windows 2000 security and how to fix them. It teaches practical, pre-emptive countermeasures against tricks and techniques employed by hackers.

  • This was last published in September 2001

    Dig Deeper on Information security policies, procedures and guidelines

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.