Keeping Laptops Secure

Defense Team: Mike Delahunty, Bryan Lutz, Kimberly Peng, Kevin Kazmierski, John Thykattil

Post on 20-Dec-2015



Agenda

Four cornerstones of secure computing as they relate to laptop security:
- Confidentiality
- Authenticity
- Integrity
- Availability

Confidentiality Problems

Over 600,000 laptop thefts occurred in 2004, totaling an estimated $720 million in hardware losses and $5.4 billion in theft of proprietary information. -- Safeware Insurance, 2004

Confidentiality Problems

- Intellectual Property – data is easily accessible to competitors
- Brand/Company Impact – damaging information can be found on laptops that can tarnish the brand or company
- Public Policy – fines from regulatory agencies or government; FERPA, HIPAA, California Senate Bill 1386, Sarbanes-Oxley & Title One

Confidentiality Problems Cont.

- High Costs – direct costs from above as well as peripheral expenses due to legal fees, free credit monitoring for customers and loss of customer/investor trust
- Portable Memory – e.g. reliance on USB memory sticks to transfer data; devices are easy to lose due to size
- 60% of data breaches are due to loss of mobile devices [1]

Authenticity Problems

Cracking Security:
- Strong password requirements are often not mandated. In these cases, brute force entry does not take a tremendous effort.
- Well-known accounts often remain enabled, providing an easy target.

Circumventing Security:
- Booting an Operating System off of USB devices or optical media is another way to circumvent security.
- Unknowingly or mistakenly connecting to a network run by a hacker can provide access to data.

Integrity Problems

Many laptop users have Administrator privileges
- Able to install unauthorized programs, both intentionally and unintentionally
- Viruses, spyware, and other malware can install automatically using the user’s elevated privileges
- Unauthorized installed applications can lead to system instability or conflicts with approved applications
- May accidentally uninstall necessary programs or delete important system files
- Causes more administrative overhead for IT staff
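
An audit sketch for the account weaknesses named on the Authenticity Problems and Integrity Problems slides (well-known accounts left enabled, accounts with no password requirement, users holding Administrator privileges). This is an added example, not part of the original presentation; it assumes a Windows laptop with PowerShell 5.1 or later, and `Get-LaptopAccountFindings` is a hypothetical helper name.

```powershell
# Added example (not from the original slides). Assumes Windows PowerShell 5.1+
# with the Microsoft.PowerShell.LocalAccounts module; run on the laptop itself.
# Get-LaptopAccountFindings is a hypothetical helper name.
function Get-LaptopAccountFindings {
    $findings = @()

    foreach ($user in Get-LocalUser) {
        if (-not $user.Enabled) { continue }

        # Built-in Administrator and Guest keep RID 500 / 501 even if renamed.
        $rid = $user.SID.Value.Split('-')[-1]
        if ($rid -in '500', '501') {
            $findings += [pscustomobject]@{
                Check  = 'Well-known account enabled'
                Detail = "$($user.Name) (RID $rid)"
            }
        }

        # An enabled account that is allowed a blank password defeats any password policy.
        if (-not $user.PasswordRequired) {
            $findings += [pscustomobject]@{
                Check  = 'Password not required'
                Detail = $user.Name
            }
        }
    }

    # S-1-5-32-544 is the built-in local Administrators group on every install.
    try {
        $admins = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop
        foreach ($member in $admins) {
            $findings += [pscustomobject]@{
                Check  = 'Member of local Administrators'
                Detail = "$($member.Name) [$($member.ObjectClass), $($member.PrincipalSource)]"
            }
        }
    }
    catch {
        # Enumeration can fail when the group holds orphaned SIDs; report it, do not hide it.
        $findings += [pscustomobject]@{
            Check  = 'Could not enumerate local Administrators'
            Detail = $_.Exception.Message
        }
    }

    $findings
}

Get-LaptopAccountFindings | Format-Table -AutoSize
```

Every row under "Member of local Administrators" other than the IT-managed admin account is a user who can install or remove software with elevated privileges.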

Integrity Problems Cont.

Expired Antivirus Definitions
- Exposes laptop to newer viruses
- Wide range of damage depending on virus

Insecure Networks
- Laptop user may connect to insecure networks (wired or wireless)
- Snooping or intercepting of data can occur
- Company IP can be lost
- Laptop more exposed to hacker threats

Availability Problems

Availability - The ability to use the information or resource desired

For laptops, a loss of available information is loss of data
- Hardware damage
- Software corruption

Loss of data for laptops *
- 44% - Hardware Malfunction
- 32% - User Error
- 14% - Software Corruption
- 7% - Computer Viruses
- 3% - Natural Disasters

* Data provided by “Disc Data Recovery”, http://www.diskdatarecovery.net


44% - Hardware Malfunction

“Head crash”
- Read-write head touches the rotating platter
- Platters spin 5,000 to 15,000 RPMs / second
- A touching head is the equivalent of a 72 mph crash

“The click of death”
- Clicking sound in disk storage systems that signals the device has failed, often catastrophically
- IBM’s 75GXP hard drives were known for this ($2B loss)

Hard drive manufacturers claim a 1% failure rate
- Carnegie-Mellon research suggests 2-4%
- Under some conditions: 13%

Questions?