Which approach best describes implementing physical security for a laptop?

Laptops should be secured at all times. Keep your laptop with you or lock it up securely before you step away -- and make sure it is locked to or in something permanent.

Use extra security measures for portable devices (including laptop computers) and portable electronic media containing sensitive or critical info:

  • Encryption
  • Extra physical security
  • Even portable devices and media with encrypted PII must have strict physical security.

Securely delete sensitive data when it is no longer needed for business purposes. Minimizing the amount of sensitive data stored reduces risk in the case of theft. For information on how to securely delete files, see PC/Mac, or email.

Report suspected theft of UCSC-related computing equipment to the UCSC Police Department. Be sure to let them know if the stolen equipment contains any sensitive information. Local authorities should also be contacted if the incident occurs away from campus.

Insecure storage or transmission of PII and other sensitive information:

Examples:

  • PII, protected student records, or financial data being emailed in plain text, or sent in unprotected attachments. This puts data at risk should it be intercepted while in transit.
  • Saving files containing PII or protected student data in a web folder that is publicly accessible online.
  • Files containing SSNs generated by a web form stored in the same publicly-accessible directory as the web form.
  • Be sure you know who has access to folders before you put sensitive data there!
  • Be certain you don’t put sensitive information in locations that are publicly accessible from the Internet. Double check. If you can access it online without a password, so can others.
  • Always transmit sensitive data securely. This includes remote access and client/server transmissions.
  • Don't use open/unencrypted wireless when working with or sending this data.
  • Don’t email or IM (instant message) unencrypted sensitive data.
  • Don’t forget about sensitive data in attachments, screen shots, test data, etc. These need to be sent securely, as well.
  • Don't send paper mail that displays a person's Social Security number, financial account information, or Drivers License/State ID number.
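One way to act on the "double check" advice above for a web folder, shown as an added example (not part of the original guidance and not a UCSC tool): walk a directory tree, report files that contain SSN-shaped strings, and flag those whose permissions let every local account read them. The folder layout, file names and all sample values are constructed for the demonstration.

```python
import os
import re
import stat
import tempfile

# SSN-shaped strings (AAA-GG-SSSS). Area 000/666/9xx, group 00 and serial 0000
# are never issued, so they are excluded to cut false positives.
SSN_RE = re.compile(r"(?<!\d)(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}(?!\d)")

def scan_tree(root, max_bytes=1_000_000):
    """Return sorted (relative_path, hit_count, world_readable) for files with SSN-shaped text."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
                if not stat.S_ISREG(st.st_mode):  # skip symlinks, sockets, devices
                    continue
                with open(path, "rb") as fh:
                    text = fh.read(max_bytes).decode("utf-8", errors="ignore")
            except OSError:
                continue  # unreadable file: nothing to report from this account
            hits = len(SSN_RE.findall(text))
            if hits:
                world = bool(st.st_mode & stat.S_IROTH)  # "other" read bit set
                findings.append((os.path.relpath(path, root), hits, world))
    return sorted(findings)

def build_sample_webroot(root):
    """Create a constructed web folder: a form, its saved submissions, a locked-down export."""
    samples = {
        "form.html": ("<form>SSN: <input placeholder='000-12-3456'></form>", 0o644),
        "submissions.csv": ("name,ssn\nA. Sample,123-45-6789\nB. Sample,219-09-9999\n", 0o644),
        "private_export.csv": ("name,ssn\nC. Sample,078-05-1120\n", 0o600),
    }
    for name, (body, mode) in samples.items():
        path = os.path.join(root, name)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)
        os.chmod(path, mode)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as webroot:
        build_sample_webroot(webroot)
        for rel, hits, world in scan_tree(webroot):
            flag = "WORLD-READABLE" if world else "restricted"
            print(f"{rel}: {hits} SSN-shaped value(s), {flag}")
```

The permission flag only reflects local file modes; any file the web server is configured to serve from that folder can still be reachable online, so every hit inside a web root deserves review.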

Password hacked or revealed:

This can lead to compromised data, compromised systems, and people using your accounts without your knowledge.

  • Use good, cryptic passwords that are difficult to guess, and keep them secure.
  • Never share or reveal your passwords, even to people or organizations you trust.
  • Use different passwords for work and non-work accounts.
  • Have a unique password for each account.
  • Change initial and temporary passwords, and password resets, as soon as possible whenever possible. These tend to be less secure.
  • See UCSC’s Password Strength and Security Standards.

Missing "patches" and updates:

Hackers can take advantage of vulnerabilities in operating systems (OS) and applications if they are not properly patched or updated. This puts all of the data on those systems and other connected systems at risk.

Make sure all systems connected to the network/Internet have all necessary operating system (OS) and application security “patches” and updates.

Computer infected with a virus or other malware:

Computers that are not protected with anti-malware software are vulnerable. Out-of-date anti-malware may not detect known malware, leaving your computer vulnerable to infection.

  • Install anti-malware software and make sure it is always up-to-date.
  • Don't click on unknown or unexpected links or attachments. These can infect your computer.
  • Don’t open files sent via chat/IM or P2P software on a machine that contains sensitive data – these files can bypass anti-virus screening.

Improperly configured or risky software:

This can open your computer up to attackers.

  • Don't install unknown or suspicious programs on your computer. These can harbor behind-the-scenes computer viruses or open a “back door” giving others access to your computer without your knowledge.
  • Don’t put sensitive information in places where access permissions are too broad.

Insecure disposal & re-use:

Examples:

  • Idaho Power Co. (Boise, ID): Four hard drives sold on eBay in 2006 contained hundreds of thousands of confidential documents, employee names and SSNs, and confidential memos to the CEO.
  • A computer at Loyola University containing names, Social Security numbers, and some financial aid information for 5800 students was disposed of before the hard drive was wiped. 
  • The Georgia Dept. of Human Resources notified parents of infants born between 4/1/06 and 3/16/07 that paper records containing parents' SSNs and medical histories -- but not names or addresses -- were discarded without shredding. 
  • Boston Globe used recycled paper containing credit, debit card, and personal check routing information for printing and for wrapping newspaper bundles for distribution. As many as 240,000 records were potentially exposed.
  • Photocopiers that were used to copy sensitive medical information were sent to be re-sold without wiping the hard drives. The data was discovered in the warehouse storing the copiers.
  • Destroy or securely delete sensitive data prior to re-use or disposal of equipment or media. For information on how to securely delete files, see PC/Mac, or email.
  • Work with Copy Services or ITS to securely erase printers, fax machines and photocopiers before disposal, resale or returning them to the vendor.
  • Shred sensitive paper records before disposing of them. Do not re-use them where the information could be exposed.

Contractor computer compromised:

Examples:

  • A Boston College server run by a contractor containing addresses and SSNs of 120,000 individuals was compromised.
  • A laptop containing the names, Social Security numbers and credit card information for 84,000 University of North Dakota alumni was stolen from the car of a contractor hired to develop software for the University. 
  • A company handling claims for the Georgia Department of Community Health lost a CD in transit containing 2,900,000 individuals' personal information including addresses, birthdates, dates of eligibility, full names, Medicaid or children's health care recipient identification numbers, and Social Security numbers.
  • You are responsible for the security of all UCSC sensitive data you transmit or provide access to, including to non-UCSC machines and contractors.
  • Ensure proper contract language is in place and that contractors understand their obligation for protecting sensitive UCSC information.
  • Never send or download PII to an insecure or unknown computer.

Development server compromised:

People sometimes think that "test" and "development" systems don't need to be as secure as "live" or "production" systems. This is a myth. If real data is used, it needs to be protected based on its level of sensitivity, regardless of what kind of system it is in. Otherwise, it's an easy invitation for hackers.

Don’t use actual sensitive data in test or development systems, or for training purposes. If actual data is used, security for the system, test results (including screenshots), log files containing personal data, etc., must be equal to a comparable production system or data, including access controls.

What allows you to physically secure a laptop from theft?

Portable devices such as laptops are particularly vulnerable to theft, loss, and resale, and should be properly secured with a lock. Most laptops and desktop computers have built-in slots made to connect with a cable lock. These locks are available at most computer stores.

What are the three factors to keep in mind with physical security?

The physical security framework is made up of three main components: access control, surveillance and testing. The success of an organization's physical security program can often be attributed to how well each of these components is implemented, improved and maintained.

Which wearable technology would be best used to track sleep patterns?

The best sleep tracker overall: When it comes to tech, the Fitbit Sense 2 is the best wearable sleep tracker on the market right now, and we've tested it extensively.

What are the functions of a laptop cable lock in quizlet?

A cable lock can be used to physically secure a laptop to deter theft. Biometric authentication does not physically secure a laptop. A multi-factor password policy does not physically secure a laptop.