Computers can store a lot of personal data locally. And more and more people use laptops (or the smaller versions called notebooks) for working with information. How do you safeguard the information on such devices?
Hard disk encryption
- Have you encrypted the hard disk? So that you can only boot up the computer and access the information on the laptop after entering a long strong password sentence?
The operating system Debian Linux offers "LVM with encryption" as one of the options during installation.
- In case your laptop with encrypted hard disk gets lost or stolen (or both), the information (personal data) on the laptop will be safe.
Do not forget to report it to the police and get an official report (which also states that you have taken the technical measure to protect the data by encrypted hard disk). You will need it in case of an insurance claim. Report it in your internal incident list and assess the possible consequences of the data loss, and if needed inform the GDPR authorities.
- Does your operating system asks you for a username / password when booting? It better... because it is an extra protection of the information on your hard disk.
- The password protection on an operating system is easy to beat: start up the computer with an USB or CDRom with another operating system,
and you will be able to access all the data on the hard disk.
- Do you have a "clean desk policy" in your company? Yes, it's nice to work on a clean desk, but in this case it's meant that you do not leave behind any documents that can cause security issues (for example personal data). Protecting your computer with a password protected screen saver that automatically protects your computer after a certain time of inactivity.
- Do you have a technical problem with your computer? Does it need a repair? Do you send your computer, packed with personal data, to a repair company? Do they safeguard that data? Do you have a written contract about that? Are there any ways to not send them the hard disk with data?
- What do you do with your broken computer? Have you wiped your hard disk? Formatting might not be enough, because sometimes it is possible to restore information. Some governmental bodies and companies that are very serious about their data, will phycically destroy a hard disk by drilling holes in it, or use a special hard disk shredder.
* note that where this article says hard disk, you could also read hard drive, or SSD (Solid State Drive)