Musings on Information Security

This Month

Month Archive

November 2007
October 2007
August 2007
July 2007
April 2007

Main Page

Photos

Simplified Security: Security 101

Quotable security quotes

BS7799

Guest Column

Interview

Secure Personal Computing

Security Awareness Training

Good Security Customer

Security Initiative

security

RSS Newsfeeds

Main Page RSS

This work is licensed under a Creative Commons Attribution 2.5 License.

Main Page

« July | October »

Wednesday, August 29

The Moo Security through Sacredness

by RaviC on Wed 29 Aug 2007 04:30 AM PDT

I am currently in India, attending my dad's health concern. I stay awake at wee hours, still recovering from the jetlag. Cow is considered a sacred animal in India for multitude of reasons:

1. Cow gives milk which is a main source of protien in many parts of India.

2. Diluted cow's milk is given to newly born baby in cases where mom is not lactating hence elevating the status of a cow to that of a mom.

3. Cow's dung can be used as manure and also dried dung cake is used as fuel.

4. Cow's urine is used as a cleansing agent and also for other medicinal purpose.

Cow is considered sacred because of its utility value to common people. Cow roams around in the streets of my hometown freely and they are unharmed because they are sacred. By being sacred, cow is the most secure animal over here.

Security function is considered as an extension of IT, it is an overhead of an overhead - it is not sacred. Security function usually is the foremost to feel the pinch due to IT budget cut. A good way to make security function "secure" is to make it sacred. There are standards like ISO27001, COBIT which are well respected and considered sacred in the security domain. By conformance of security function to such standards we can not only create a perception of "sacredness" for the security program but also communicate value of the program easily through the standard's framework.

Leave Comment | Permanent Link | Cosmos

Saturday, August 18

Lost laptop = Lost data!

by RaviC on Sat 18 Aug 2007 08:28 AM PDT

Laptop has become our essential travel companion. Lost brand new laptop without personal or company data will result in a loss of current market value of the laptop. Lost laptop with personal or company data can result in a loss which can depend on the value of the "data". It is easier to make amends for the lost laptop but making amends for lost valuable company data or valuable personal data may not be possible.

It is very important for us to be "laptop data aware" i.e. the categories of data it has and the consequences of lost data. A good practice is to treat your laptop like your wallet.

I found these 9 tips on Microsoft website. These tips are really thoughtful and well written and hence I like to repeat it below:

Use these 9 tips to learn how you can keep your laptop more secure when you're on the road.

1.

Avoid using computer bags. Computer bags can make it obvious that you're carrying a laptop. Instead, try toting your laptop in something more common like a padded briefcase or suitcase.

2.

Never leave access numbers or passwords in your carrying case. Keeping your password with your laptop is like keeping the keys in the car. Without your password or important access numbers it will be more difficult for a thief to access your personal and corporate information.

3.

Carry your laptop with you. Always take your laptop on the plane or train rather then checking it with your luggage. It's easy to lose luggage and it's just as easy to lose your laptop. If you're traveling by car, keep your laptop out of sight. For example, lock it in the trunk when you're not using it.

4.

Encrypt your data. If someone should get your laptop and gain access to your files, encryption can give you another layer of protection. With Windows XP and Windows Vista you can choose to encrypt files and folders. Then, even if someone gains access to an important file, they can't decrypt it and see your information. Learn more about how to encrypt your data with Windows XP or encrypt your data with Windows Vista.

5.

Keep your eye on your laptop. When you go through airport security don't lose sight of your bag. Hold your bag until the person in front of you has gone through the metal detector. Many bags look alike and yours can easily be lost in the shuffle.

6.

Avoid setting your laptop on the floor. Putting your laptop on the floor is an easy way to forget or lose track of it. If you have to set it down, try to place it between your feet or against your leg (so you're always aware it's there).

7.

Buy a laptop security device. If you need to leave your laptop in a room or at your desk, use a laptop security cable to securely attach it to a heavy chair, table, or desk. The cable makes it more difficult for someone to take your laptop. There are also programs that will report the location of a stolen laptop. They work when the laptop connects to the Internet, and can report the laptop's exact physical location. Some tracing programs include CyberAngel and ComputracePlus.

8.

Use a screen guard. These guards help prevent people from peeking over your shoulder as you work on sensitive information in a public place. This is especially helpful when you're traveling or need to work in a crowded area. This screen guard from Secure-It is just one example of a screen guard you could use.

9.

Try not to leave your laptop in your hotel room or with the front desk. Too many things have been lost in hotel rooms and may not be completely secure. If you must leave your laptop in your room, put the "do not disturb" sign on the door.