1. Use strong but memorable passwords. – Too many people write down passwords because the password policy is unworkable. You could dispense with conventional passwords and use Pointsec PicturePIN which consists of a series of pictures so that the user simply points out the pictures corresponding to “his” story. Not only is this system just as secure as traditional passwords, but it’s easier to remember with no chance that you’ll be tempted to write your “password” down.

2. Encrypt the data on the disk. – This will ensure that even if the disk can be accessed, the data is secure. Make sure the encryption is seamless and quick, and managed centrally, so that the user cannot circumvent it.

3. Educate users about the risks of carrying too much data and do regular audits to ensure that non essential data is deleted. – It’s too easy to just “leave” data on the computer after it is no longer needed. An audit policy design as part of a risk assessment process will reduce the impact of data loss and ensure you know exactly “what” has been lost.

4. Have a backup mechanism that makes it easy for users to take copies of data daily while traveling. – Most laptops have CD or even DVD Read/Write capabilities so supply blank media to mobile workers. This can then be used as a backup when they return to the office and kept with other backup tapes and disks.

5. Have a Laptop Protection Policy. – This is a document that outlines the responsibility of the user and how they should treat their laptop and data. It is no less important than any other corporate email or data policy and, as such, should be part of the employees contract of employment.

All of these processes can be put in place very quickly but the biggest challenge is education. Without a clear Laptop Protection Policy everything else is window dressing. Even with a policy and procedures there can be no absolute guarantee that it will reduce the number of laptops stolen each year. Indeed, as the trend of replacing desktop computers with laptops continues, there will be many more devices for the thieves to target.


What you can do, however, is make it harder for thieves to get hold of devices through the simple security steps outlined above. By encrypting data and good use of passwords, you can also ensure that the only value to the thief is from the sale of the laptop and not your data.

Don’t become a statistic!