BYOD - Laptop Security Guideline

From Officience

In February 2018, Thanh Tam TRAN and Hoai Linh NGO created a BYOD - Laptop Security Guideline, which gives some practices to ensure security and protect the data on your laptop.

“The best way to protect the data on a laptop is to prevent it from being stolen in the first place”


Purpose

Corporate and BYOD laptops are often the biggest data security threat for a company. Laptops contain highly sensitive information but are extremely vulnerable to theft or loss. Therefore, appropriate measures must be taken when using laptops to ensure the confidentiality, integrity, and availability of sensitive information, including customers’ data. Appropriate measures must also be taken to reduce the likelihood of physical loss or damage to laptops.

Best practice implemented in Officience

Theft Prevention

  • Provide employees with theft prevention awareness training.
  • Implement other physical security policies: ensure visitors and vendors are always accompanied (guideline ref attached).
  • Install cameras in the working place and at exits.
  • Provide lockers with keys, which can keep laptops safe when employees leave them in the office.

Limiting the Risk of Stolen Data

  • Implement a secure password to make it difficult for a thief to log on to a stolen laptop.
  • Change the password on a regular basis and comply with the password guideline advised by ITS.
  • Implement a mechanism for session auto-locking (i.e. enable the lock screen function) after a short period of inactivity, so that laptops left unsecured are protected.
  • Encrypt all customer data or important hard drives.
  • Keep an up-to-date backup of all data to ensure the work isn’t lost if a laptop goes missing.

User awareness

Provide all necessary training on security and data privacy, highlighting the points below with regard to laptop security:

  • Users are warned not to install unauthorized/cracked software from untrusted sources on the laptop.
  • When traveling by air or train, the laptop should never become checked baggage and should always be kept as carry-on luggage.
  • During hotel stays, laptops should not be left unsecured in the room. If the user cannot take the laptop with them when leaving the hotel, it should be secured with a cable lock or left in the hotel safe.
  • Laptops must not be left unattended in public places.
  • Lost or stolen laptops should be reported to ITS as soon as possible.
  • Laptops should be secured (screen auto-lock or log out) when not in use to prevent unauthorized access.
  • A software firewall (such as Windows Firewall) should be turned on and configured for the minimal access necessary to perform normal work.
  • Antivirus software must be installed and kept up to date.
  • Must be done:
    • The user gets the check-up list from ITS and signs an agreement to comply with the list (attached), to make sure the laptop model and configuration qualify for work (if the user wants to apply the laptop allowance practice).
    • The user reads the User Agreement Form carefully and signs the agreement to comply with the security requirements, to ensure the confidentiality, integrity, and availability of the company's sensitive information, including customers’ data.

Technical support from ITS

  • Support users with data encryption and password management.
  • Perform a regular health check (every 3 months) to make sure the registered laptop has a software firewall (such as Windows Firewall) and antivirus installed and updated.
  • Review and discuss the risk with the user.
  • Grant only the least privilege required to work.


Reference