Restrict access and storage of customer and employee Non-Public Information on portable devices that leave the office. We hear news reports about lost laptops that contained sensitive information all the time. Do not let your company become a similar headline.
You need to inventory what is currently stored on employee laptops and smart phones. If you find unnecessary sensitive information on them, you need to remove it. If it is necessary, then you need to encrypt it or develop procedures that make it unnecessary. Be aware that if sensitive information is in Microsoft Outlook, it is on the smart phones or any other device that syncs with email or contact software.
Lock portable devices in a secure place. Even use cables and locks on laptops and USB drives while in use.
Consider using the ‘cloud’ to store and access sensitive information, and not to store the information on their laptops. Then the information is stored on a secure remote server with the laptops operating as terminals. As dumb terminals they only display information from the remote server, but do not store it.
If a laptop needs to contain sensitive data, encrypt it. Also, have your IT specialists configure it so users can’t download any software or alter the security settings without approval.
Employees to be careful when they’re on the road. A laptop or smart phone should never be visible in a car, left at the hotel baggage stand, or packed in checked baggage. If they must leave a them in a car, they need to be locked in the trunk. When going through airport security they need to keep an eye on their smart phone and laptop while they are on the belt.
We lose portable devices – smart phones, notepads, flash drives and USB storage drives – all they time. Your company needs to limit the risk when it happens by controlling what information is stored on them.
You cannot control what you don’t know.