Lost Laptops, Exposed Data

The portability of laptops and cell phones is convenient, of course, but that same portability means that such devices are easily lost or stolen. If your laptop, nethook, phone, or other device falls into the wrong hands, unauthorized users may access the sensitive data that you've stored there.

Encrypt your data: You can use a utility such as Microsoft's BitLocker to encrypt data. Unfortunately, BitLocker is available only for Windows Vista and Windows 7, and even then it's exclusive to the Ultimate and Enterprise editions of those OSs (and is also available in Windows Server 2008); you won't find the tool in the consumer versions of Vista and Windows 7. Fortunately, BitLocker isn't the only game in town. You can use another encryption program, such as TrueCrypt (find. www.pcworld.com; available for free under open-source licensing), to protect your data from unauthorized access.

Encrypting your data is not without a pitfall or two, however. The big­gest issue is to ensure that you always possess the key. If you lose your encryption key, you will quickly discover just how good encryption is at keep­ing out unauthorized users.

Use stronger passwords: If encrypting seems to be more of a hassle than it's worth, at least use strong passwords to protect your PC. Longer passwords are better; more characters take longer to crack. You should also mix things up by substituting numbers and special characters for letters. For example, instead of "PCWorldMagazine", you could use "PCWorldM@g@zin3". Though that's still a phrase you can easily remember, the character diversity makes it significantly harder to guess or crack.

You should have a secure password to log in to your user account even if you're the only person who uses your computer. Note, however, that while strong passwords arc a great deterrent, they aren't impervious to attack: An invader who has physical possession of your computer can find ways to get around that protection.

Lock down your BIOS: By implementing a BIOS password or a hard-drive password (or both), you can ensure that no one else can even boot the computer. Getting into the BIOS varies from system to system. The initial splash screen that your PC displays usually tells you which key to press to access the BIOS settings; watch as the computer is booting, and press <Del>. <Esc>, <F10>, or whichever key it specifies. Once inside, find the security settings. Again, these settings vary from vendor to vendor, but the BIOS settings are fairly rudimentary. Learn more about accessing and navigating your system's BIOS at find.pcworld.com/64335.

You can set a master password that prevents other people from booting your computer or altering the BIOS settings (find.pcworld.com/4336). Ibis option goes by different names, but it is often called an administrator password or supervisor password. If you wish, you can also set a hard-drive password, which prevents any access to the hard disk until the password is entered correctly.

Methods for circumventing these passwords exist, but having the passwords in place creates another layer of security that can help to deter all but the most dedicated attackers.

Use a recovery service: If your equipment gets lost or stolen, you'd like to recover it; but if you can't get your hardware back, you'll at least want to erase the data it holds. Some vendors, such as HP and Dell, offer services that try to do both for select laptop models. Both HP's Notebook Tracking and Recovery Service and Dell's Laptop Tracking and Recovery are based on Computracefrom Absolute Software. When you report that a laptop protected with one of these services has been lost or stolen, a small application running in the background on the PC waits for the computer to connect to the Internet and then contacts the monitoring center to relay location information for finding the machine. If a protected lost or stolen laptop cannot be retrieved, or if the data on a system is highly sensitive, these services allow you to remotely erase all of the data stored on it.

Though less comprehensive, free utilities such as the FireFound add-on for Firefox (find.pcworld.com/64229) provide similar capabilities. You can configure FireFound to automatically delete your passwords, browsing history, and cookies following a failed login attempt.

Mobile phones can hold a significant amount of sensitive data, too. Fortunately, services such as Find My iPhone, part of Apple's $99-per-year MobileMe service and Mobile Defense for Android-based smart-phones perform similar feats of location tracking and remote data wiping for “smartphones” Both MobileMe and Mobile Defense can use the built-in GPS capabilities of your smartphone to pinpoint the current location of the device and relay that information back to you.