How to Keep your Laptop Secure

How to Keep your Laptop Secure

May 8, 2024 | Desktop Support, Computer Support, Cybersecurity, Notebook PCs

Laptops have become an essential part of our lives. They store our personal and professional data, which can be devastating to lose. Therefore, protecting your laptop is crucial. This guide will provide you with a comprehensive approach to creating the most secure laptop. By following these suggestions, you can minimize the risks and safeguard your important data. Remember, it’s better to be safe than sorry when it comes to protecting your laptop.

Typical Risks of Notebook Computers

Laptops, also referred to as notebook computers, face various security risks that can compromise their data. To ensure the safety of your laptop and its data, it is crucial to identify the most probable risks first. Once you have identified the risks, you can develop strategies to mitigate them. Eventually, you will reach a point where you feel that you have done enough to improve security and further mitigation would make the laptop less user-friendly. You are essentially balancing the likelihood of a security incident with the inconvenience of implementation, maintenance, or the impact on usability.

Some of the common risks include:

1. Physical theft: Laptops are portable and can be easily stolen. If a thief gains access to your laptop, they can steal your personal and sensitive data.
2. Malware: Malware, including viruses, spyware, and ransomware, can infect your laptop and steal your data or encrypt your files.
3. Unsecured wireless networks: Public Wi-Fi networks are unsecured and can be easily hacked, allowing cybercriminals to access your laptop and steal your data.
4. Unsecured software: Installing unsecured software can introduce malware into your laptop, compromising its security.
5. Weak passwords: Using weak passwords makes it easy for hackers to gain access to your laptop and steal your data. Re-using passwords across platforms can lead to having accounts on other websites compromised.

Protecting your Laptop from Physical Theft

Theft of laptops is a growing concern for businesses as it can result in significant data loss and financial loss. Laptops are portable and can be easily stolen, which makes them a prime target for thieves. When a laptop is stolen, the data stored on it can be compromised, and the information can be used by the thief to commit fraud, identity theft, or other crimes. The theft of laptops can also lead to financial losses, as the company may have to pay for the replacement of the stolen laptop and any data that was lost. Additionally, if the stolen laptop contained sensitive information, such as customer data or financial information, the company may be subject to legal and regulatory penalties. It is important for businesses to have a plan in place to mitigate the risk of laptop theft, including implementing security measures, such as encryption and password protection, and having a backup and recovery plan in place.

Encrypt Your Hard Drive

Windows Users: Choose Bitlocker

BitLocker is a feature of the Windows operating system that provides encryption for the data on a computer’s hard drive. This means that the data on the hard drive can only be read if the user provides the correct password or key to unlock it. The purpose of BitLocker is to make it more difficult for unauthorized users to access the data on a computer’s hard drive, whether it be through theft, loss, or other means. Overall, BitLocker is a powerful security feature that can help to protect the data on a computer’s hard drive and the computer itself. By encrypting the data, BitLocker helps to prevent unauthorized access and protect the privacy and security of the data.

Because data encrypted with BitLocker is unrecoverable, it’s important that you not lose the encryption key (password). Be sure to write it down and store it in a safe place. Alternatively, you can store the key (.bek file) on a flash drive or with your personal Microsoft Account. Some folks choose to store the key as a secure note in their Password Manager. If you’re managing business systems at scale, you can store Bitlocker keys in Active Directory or Microsoft Entra ID (Azure Active Directory).

For your Mac: Utilize Filevault

FileVault is an encryption feature that is available on Mac computers. It allows users to store their data securely, and protect it from being accessed by unauthorized users. How FileVault works is by encrypting the entire hard drive of the computer, including the operating system, user files, and applications. This encryption process is done using a strong algorithm, and is done automatically when the computer is turned on. When a user logs in to their computer, they are required to enter a password or use their fingerprint to unlock the encryption. Once the encryption is unlocked, the user can access their data and use the computer as normal.

There are several options available for storing and recovering your encryption key. The first option is to use the built-in keychain feature in macOS. This allows users to store their encryption key in a secure location on the computer, and can be used to recover the key if it is lost or forgotten. Another option is to use third-party software, such as 1Password or Dashlane, to store and manage the encryption key. These programs offer additional features and security measures, such as two-factor authentication and biometric authentication. If a user forgets their encryption key, they can use the recovery key feature to recover their data. This key is stored separately from the encryption key, and is used to unlock the encryption in case the encryption key is lost or forgotten. Overall, FileVault is an effective way to protect your data on a Mac computer. It provides a strong level of encryption and is easy to use, making it an ideal choice for users who want to keep their data secure.

If you use Linux, go with LUKS

LUKS (Linux Unified Key Setup) is a cryptographic framework for Linux that provides full-disk encryption. It was developed by Werner Koch, the creator of the GnuPG (GNU Privacy Guard) encryption software. LUKS works by creating a container for the encrypted data and then encrypting the data within that container using a strong algorithm. The container is then wrapped in a header that contains information about the encryption method, the key, and other metadata. This header is then encrypted and stored separately from the data. To use LUKS, you will need to create a partition on your hard drive and then format it using the LUKS format. You can then create a keyfile or password to unlock the partition. The keyfile or password will be needed every time you boot your system to unlock the partition.

To store your recovery keys, you can use a password manager or store them on a piece of paper in a safe place. Make sure you do not store them with the rest of your sensitive data, as they will be needed to unlock your encrypted partition if you forget your password.

Mark Your Laptop

Marking your laptop is a simple and effective way to deter thieves from stealing it. You can use stickers on the case and charger, asset tags, or laser engraving to make it difficult for thieves to sell your computer.

Stickers on the case and charger can be a visible deterrent – you’ll easily tell that’s your notebook as the thief leaves the coffee shop. Stickers are pretty easy to remove, though. They’re really more useful to quickly ID your computer or display some flair.

Asset tags are another option. These small tags can be attached to your computer and have a unique serial number that can be used to identify your computer and the organization that owns it. These stickers are extra tough, but can be removed with a razor blade and some adhesive cleaner. Still, I’ve seen several customers get their lost or stolen laptop back because there was a quality asset tag attached to the base of the computer.

Laser engraving is a more permanent option. You can have your computer’s serial number laser engraved on the case. This makes it difficult for thieves to sell your computer, because they will have to remove the engraving, causing damage to the notebook.

No matter which method you choose, marking your laptop is a simple and effective way to deter thieves and make it more difficult for them to steal or fence your computer. Since it has no affect on usability and can be very inexpensive, it’s a good strategy. But if you’re using a FMV lease to pay for the laptop, be sure that you’re not violating your agreement by permanently altering the equipment.

Consider a Kensington Lock

A Kensington Lock is a security device that can be used to prevent theft of a laptop. It is a small, portable device that can be attached to a laptop using a key or combination lock. The Kensington Lock is designed to be difficult to remove without the correct key or combination, making it an effective deterrent to theft. To use a Kensington Lock, you first need to attach it to your laptop using the provided key or combination lock. Once the lock is in place, it will secure the laptop to a fixed surface, such as a table or desk, making it more difficult for thieves to steal. Overall, Kensington Locks are a simple and effective way to protect your laptop from theft, and they can be a valuable addition to your security setup.

Keeping your Laptop Clear of Malware

Malware is a serious threat to the security of your notebook. It can be used to steal sensitive information, such as passwords and credit card numbers, or to cause damage to your computer. Malware can be spread through email attachments, downloads from the internet, or infected files. It’s important to address the threat of malware to keep your notebook secure.

Install Reliable Antivirus Software

Properly using antivirus software is crucial to protecting your computer against various types of malware, such as viruses, Trojans, spyware, and ransomware. These malicious programs can steal your personal information, slow down your device, or even render it unusable.

For Windows users, the built-in antivirus software is Windows Defender, which is a reliable and free option. Windows Defender provides real-time protection against threats, regularly updates its database, and offers a comprehensive suite of security features.

The Best Antivirus for Business

At Inacom, we’re huge fans of SentinelOne. Their AI-powered security platform offers endpoint security and an XDR solution in one. Give us a call at 410.543.8200 if you’d like to learn more.

For Mac users, I would suggest using antivirus software specifically designed for Macs. Some popular options include Bitdefender Antivirus for Mac, Norton Security for Mac, and Kaspersky Internet Security for Mac.

For Linux users, the choice of antivirus software can be more limited. However, some popular options include ClamAV, Avast, and Sophos Antivirus.

It’s important to note that no antivirus program can guarantee 100% protection against all types of malware, and if you don’t regularly update your software and run scans the antivirus isn’t going to protect you.

Implement Backups

Maintaining proper backups of your computer is crucial for ensuring the security and integrity of your data. Backups provide an additional layer of protection against data loss due to hardware failure, software corruption, or malicious attacks.

While cloud file storage services like OneDrive offer convenience, they are not a proper backup solution. Cloud storage services are designed for synchronizing and sharing files, not for long-term storage and retrieval of large amounts of data. Additionally, they are susceptible to service outages, data breaches, and data corruption. And consider this – if that Word document is infected with a malicious macro, it just got distributed to all of your devices. Yikes!

A proper backup strategy involves creating multiple copies of your data and storing them in different locations. The 3-2-1 backup strategy recommends having three copies of your data, two of which are stored on different types of media (such as an external hard drive and a cloud storage service), and one of which is stored offsite. This ensures that you can recover your data in the event of a disaster or data loss.

In addition to creating backups, it’s also important to keep your backups up to date and test them regularly to ensure their accuracy and reliability. This will help you recover your data quickly and minimize the impact of any data loss.

Organizations Should use a Premium Backup Solution!

Inacom uses Veeam products to create and manage system backups. Veeam Backup & Replication is used to create backups of virtual machines, physical computers, and databases across a number of different systems and platforms for disaster recovery purposes. It can also be used to restore backups to their original location or to a new location.

Avoid Sketchy Websites

The more questionable material you view, the greater the chance that a piece of malware will infect your computer. Avoid visiting sketchy websites offering free copies of software, pirated media, and adult-oriented images and videos. These are often used as bait to distribute malware.

Avoiding the Risks of Unsecured Wireless Networks

Implement a Firewall on the Computer

A software firewall is a program that monitors and controls the incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between your laptop and the internet, protecting your computer from malicious attacks and unwanted connections.

The purpose of a software firewall on your laptop is to:

  • Block unauthorized access to your computer and network.
  • Prevent malware infections by blocking suspicious traffic.
  • Protect your personal information and data from being stolen or leaked.
  • Limit the exposure of your computer to potential security threats.

Free Firewall Options for Windows Computers

  • Windows Firewall: Built-in firewall that comes with Windows operating systems.
  • Comodo Firewall: A free firewall software that provides advanced security features.

Free Firewall Options for Macs:

  • Little Snitch: A firewall software that monitors and controls incoming and outgoing network traffic.
  • Blockade: A free firewall software that blocks unwanted network traffic.

I recommend these Firewall Options for Linux Users

  • UFW: A user-friendly front-end for the iptables command-line firewall tool.
  • FirewallD: A graphical user interface for the firewalld service that provides a simple way to manage your firewall rules.

Use a VPN for Public Wi-Fi Connections

When you connect to a public wifi network, you are exposing your device to a range of potential cybersecurity threats. Hackers can use public wifi networks to snoop and intercept traffic to steal sensitive information, such as login credentials, financial data, and personal information. To protect your device and data, it’s important to use a VPN when accessing public wifi networks.

A VPN encrypts your internet traffic before it leaves your computer, and hides your IP address while accessing the Internet, making it much more difficult for hackers to intercept your data or track your online activities. Without a VPN, your internet traffic is vulnerable to a range of cybersecurity threats, including:

  • Man-in-the-middle attacks: Hackers can intercept your internet traffic and steal sensitive information, such as login credentials or financial data.
  • Phishing attacks: Hackers can create fake websites or email addresses to trick you into sharing sensitive information, such as login credentials or personal information.
  • Malware infections: Hackers can use public wifi networks to distribute malware, such as ransomware or spyware, which can infect your device and steal your data.

The Risks of Outdated Software

Using outdated software can pose a significant risk to the security of your PC. Software developers are constantly releasing updates and patches to address security vulnerabilities, bugs, and performance issues. By failing to update your software, you are leaving your computer open to potential attacks and data breaches. So be sure to regularly apply updates to your Operating System and any software installed on your laptop.

Are your Business Computers Up to Date?

If you can’t answer that question, consider using a Managed Service Provider like Inacom. We’ll keep an eye on your computers, so you can focus on your business.

Implement Better Password Management

Use Strong Passwords or Passphrases

A strong password or passphrase makes it much harder for someone to gain unauthorized access to your notebook computer. This is because password cracking software can only test so many possible combinations of characters, so if your password is longer and more complex, it will take longer for the software to crack. Additionally, a strong password or passphrase makes it less likely that a person will be able to guess or figure out your password through trial and error. This can help to protect your personal and sensitive information from being stolen or compromised.

Modern Password Managers can be a Huge Help

Using a modern password manager offers a wide range of benefits, particularly when it comes to tracking your credentials across multiple applications and services. Here are a few reasons why:

  • Security: Password managers generate strong, unique passwords for each of your accounts, ensuring that each of your credentials is secure and difficult to crack.
  • Convenience: With a password manager, you only need to remember one master password or PIN to access all of your accounts. This eliminates the need to remember multiple passwords, which can be time-consuming and frustrating.
  • Compatibility: Password managers are designed to work across multiple devices and platforms, making it easy to access your credentials from anywhere, on any device.
  • Customization: Password managers allow you to customize your passwords, such as by adding special characters or numbers, to make them even more secure.
  • Backup: Password managers offer backup options, ensuring that your credentials are safe and secure, even if your device is lost or stolen. Overall, using a password manager can help to simplify your life while keeping your credentials secure and protected.

My favorite password manager at the moment is BitWarden. It’s an open source solution that offers free password management in your web browser, so it’s OS agnostic. Whenever you add or update a login, the change is synchronized across all of your devices, including your mobile phone. You can support the project and gain some premium features for only $10/yr, and family accounts are $40.

If you don’t trust the cloud, you could use KeyPassXC installed locally on your computer. It runs on Windows, Mac OS, and Linux. Just be sure to back up your database!

Consider Biometrics

Biometrics can help manage complex passwords that are hard to remember by replacing them with a unique and secure method of authentication. This is particularly useful in situations where passwords are required for accessing sensitive information or systems, such as in a business or government environment.

One example of biometric authentication is Windows Hello, which is available on most business-class laptops today. Windows Hello allows users to log in to their devices using facial recognition or fingerprint scanning, eliminating the need for a traditional password. This not only makes it easier for users to access their devices, but also improves security by reducing the risk of password-related breaches.

Another example of biometric authentication is fingerprint readers, which are commonly found on business-class laptops. These readers allow users to log in to their devices using their fingerprint, which is unique and secure. This is particularly useful in situations where multiple users share the same device, as it ensures that only authorized users are able to access the device and any sensitive information stored on it.

Overall, biometric authentication is a powerful tool for managing complex passwords that are difficult to remember. It provides an easy and secure way for users to access their devices and systems, while also improving security by reducing the risk of password-related breaches.

Conclusion

I hope that these strategies to help keep your laptop secure are helpful to you. If you ever need assistance managing your business computers at scale, Inacom is here to lend a hand. Our Managed Services can help to standardize configurations according to these best practices and provide expert remote support when necessary.

Related posts:

  1. 5 key findings from the 2023 Verizon Data Breach Report

    The 2023 Verizon Data Breach Investigations Report analyzed 16,312 security incidents. Cyberthreats are targeting employees and SMBs more than ever....

  2. Best Practices to Protect Your Business from Cyberattacks

    Cybersecurity remains top of mind for businesses as our world becomes more digitized. A recent report from IBM discovered that on average globally, the cost of a data breach was...

  3. The Most Secure Business Laptops of 2024

    For business users and IT Departments, having a secure laptop is essential. Here, we've compiled a list of the most secure business laptops available in 2024, each equipped with cutting-edge...

  4. What to Look for When Choosing a Managed IT Service Provider

    If you're not living in the tech world, you might be asking yourself - "What does Managed Service Mean?" Managed IT services (called hybrid IT when combining in-house and outsourced...

Popular Tags
antivirus biometrics cybersecurity phishing
Share

Travis Fisher

Travis is Inacom’s Executive Vice President, tasked with assisting customers with their web based marketing initiatives. He’s kinda famous for his BBQ. He lives in Easton, MD with his amazing wife, two kids, and two dogs.

0 Comments

Looking For a great IT service provider?

Contact Us

More Posts by Category

Recent Posts