Reducing The Negative Impact of Laptops 221
Mark Brunelli wrote to mention a SearchEnterpriseLinux column about reducing the negative impact laptops can have on a network's security. From the article: "Portable computers often become an extension of the person using them. It is no surprise that laptop users are inclined to be rather autonomously minded. Many users don't realize that the power they have to install software and change settings is risk prone. Fortunately, larger corporations that install Microsoft Windows XP Professional usually don't grant the laptop user full administrative rights. The same cannot be said of smaller businesses, many of which simply purchase laptops from the local store -- laptops pre-installed with Windows XP Home Edition. "
Linux (Score:3, Informative)
Better still, use the truly secure Linux operating system. Six months after making the change, you will not use Windows again. The cost of Linux is also much less than the cost of upgrading Windows XP Home Edition to Windows XP Professional.
Unfortunately Linux isn't as easy to use for most people. How about suggesting that they use a Mac? Macs are secure and are easy to use.Some standard security items.. (Score:2, Informative)
1) Most laptops now have wireless cards. If this is the case, use an encrypted connection to an AP.
2) Even then, use as many encrypted streams as you can (ssh, https, pop3s/imaps, etc.).
3) Physical security. It's easy for anyone to run off with your computer. So keep track of it... don't leave it on the table at the library.
Please tell me your joking (Score:3, Informative)
Re:Linux (Score:3, Informative)
Re:Laptops get around too much (Score:5, Informative)
You would not believe the crap you have to deal with on hotel networks. If anyone is counting on the firewalls keep the network clean, guess again. This has to be at the machine level, each one an island. I keep the shield up on my laptop and (knock on wood) have yet to have an issue - but most of the broad band connections your typical road warrior deals with is a cesspool of worms, viruses, and other such nasties.
Re:Please tell me your joking (Score:1, Informative)
A slight amendment is in order... (Score:3, Informative)
Mark Brunelli, News Editor of searchEnterpriseLinux.com wrote to mention a SearchEnterpriseLinux column about reducing the negative impact laptops can have on a network's security. From the article: "Portable computers often become an extension of the person using them. It is no surprise that laptop users are inclined to be rather autonomously minded. Many users don't realize that the power they have to install software and change set
I don't mind plugging articles for your own site, but at least practice full disclosure.
http://searchenterpriselinux.techtarget.com/meetE
Re:Windows security (Score:1, Informative)
Damnit!
As I mentioned once before...
Didn't you guys have English class in middle school?
Love,
The Grammar Nazi
This is where you find a support solution. (Score:2, Informative)
Well, for a Unbuntu end user there is always just paying [ubuntu.com] for real techsupport. I know Redhat can help out with getting Wine to work (saw it happen), dont know about Canonical.
For a business I would never even consider using a specific distro unless there was a live person on the other end of a phone line. It just wouldn't happen otherwise.
Redhat, Canonical, and Novell all offer excellent support for Linux, you cant go wrong.
I locked my sister's kids out of windows XP Home.. (Score:5, Informative)
Since when does having windows XP Home edition prevent you from adding multiple users, some of them restricted users who can't install software? is it because you only know how to use XP pro's tools to manage security? you don't know how to lock down IE with the help of a few simple freeware utilities you can download off the internet
I don't get it
If I'm missing some big reason please tell me, other than XP pro costs at least $120 more (oem pricing) why someone needs to run Pro to do something i did on XP home just last weekend...
Well, go and set up the Computer correctly (Score:2, Informative)
Make your checklist and go through it with any Notebook that is introduced to the Company.
# encrypted /home (I don't remember what it is called on Windows) prevents a lot of ugly
things we see from stolen Notebooks nowadays.
# /home (he did it again) must be mirrored (possibly unencrypted) on a Server, (I think
you got to check for the term server side
profiles)
# No Administrative rights! I mean absolutely no administrative rights on the standard
working User!
# The Notebook needs to go back to IT-Department on sporatic calls once or twice
a year to check if the user breached the security rules of the Company (...pr0n, fun tools...)
# automatic windows updates, asap ! (Hell yea I know we like to know what is beeing installed,
but this notebook is not allway available for the Admin)
# Centralized AV-Updates (this puts the power back to the Admin, we like that)
# All connections to the LAN from anywhere go through a VPN, even WLAN.
# Once you have done the whole setup, you may want to use dd (or ghost or ...) to take a
image of the notebooks Harddrive. So you never need to so this for this Notebook again.
# YES, please document what you did, so the next Notebook will not be such a pain. This
also gives you the possibility to review the security every now and then.
I surely forgot something, but this is a starter! Feel free to put more on the lis
Re:Pocket Knife (Score:3, Informative)
Maybe you have forgotten, or maybe not, but 50% of people are of below average intelligence.
I'd bet good money that a good portion of those of above average intelligence, are not working for someone else in a capacity where they have to take their work home with them.
Companies - the kind of person that is willing to take home his/her work home on a laptop is generally unsuitable for the task. (See Groucho Marx on Club Membership)
How about 10,000 laptops with XP Home? (Score:4, Informative)
By the time I flagged this appalling oversight, the procurement process was too far advanced. So, a US$44 million procurement went ahead using XP Home on the kits.
The application? Electronic Voter Registration in a large sub-saharan country in Africa.
So it's not just small businesses who drop the ball.
The budget will never be there to upgrade to XP Pro. And they simply don't have the skills to replace XP with a Linux distro and port the application (which is proprietary anyway).
Does anyone have thoughts on what can be done to improve the security of XP Home?