6 Steps to Practice Strong Laptop Security
If you’ve ever found yourself searching security questions like “how to secure my work computer” and “laptop security antivirus,” this article is for you. Here, we answer common company laptop security questions like:
- How do I keep my laptop secure in a public network?
- What is the best security system for my computer?
- Is my laptop password safe?
There are a number of things you can do to better protect your work laptop. Read on for six steps to company laptop security.
Company laptops store all kinds of valuable information, from passwords and confidential documents to financial and personal data. This makes them attractive targets for cyber attackers, who’ll readily exploit security blind spots to access this wealth of data.
As we increasingly work “on the move” from locations outside the office, physical laptop security is a growing concern. Devices appeal to thieves for two reasons: they generally come with high price tags, and they provide a gateway to valuable files and data.
The big picture? Having your company laptop stolen or hacked leaves you open to extortion, and puts you and your company at risk of damaging leaks and financial losses.
Strong laptop protection means adopting behaviors, software, and hardware that keep your data private and your device secure. Most secure laptops have a better chance of withstanding an attempted breach than those left unprotected. Here are the six crucial elements of laptop security, including practices to take on board and those to avoid.
Step #1: Set complex passwords where it counts
While we don’t recommend relying on passwords alone, they’re a great place to start when it comes to improving laptop security. Login passwords are essential in preventing other people from gaining unwanted access to your files at boot-up. If you frequently use your laptop in public places—including an office—setting a password-protected lock screen is a good idea. It should go without saying, but these passwords should be unique and hard to guess. Consider using numbers, symbols, or full sentences or passphrases—but avoid using your birthday, for instance.
As you continue to strengthen your laptop security, consider moving away from passwords altogether. By using a single sign-on solution, for example, you can access many different applications with just the one set of login credentials linked to your laptop. Your IT admins may also experiment with a variety of different passwordless authentication methods, like factor sequencing and email magic links, as all are more secure alternatives to storing and remembering passwords.
DO:
- Set a hard-to-guess password or passphrase for logging into your laptop.
- Use a password-protected screensaver for when you step away.
- Use solutions and authentication methods that cut down on password use, like single sign-on.
DON’T:
- Recycle the same passwords across different accounts.
- Share passwords with others, including colleagues.
- Use password managers or auto-remember features in browsers and websites—these are susceptible to data breaches.
Step #2: Update your programs, browser, and laptop security software
Do laptops need antivirus? The answer is yes. Company laptops tend to have antivirus software already installed, which takes care of the heavy lifting for end users. Still, when it comes to security software for laptops, there are a few things you can also do to protect your devices.
Firstly, monitor what you download—files and updates that contain odd wording or extensions could be bad news. If in doubt, use your company’s antivirus to scan any files before opening them. Browsers like Chrome and Firefox may update by default, but restarting them occasionally will make sure security updates take effect. Likewise, turning on auto-update or otherwise manually updating your operating system and programs will help limit vulnerabilities.
Virus detection depends on up-to-date virus signatures and definitions, so it’s best to use software with automatic definition updates. If that feature is unavailable, set yourself a regular reminder to manually update these definitions on your machine.
DO:
- Scan files with antivirus software before opening them.
- Regularly update your software’s virus definitions.
- Turn on auto-update for your browser, programs, and operating system.
DON’T:
- Indiscriminately download files or visit dubious webpages.
- Leave security software and virus definitions out-of-date.
Step #3: Encrypt your hard drive and back up your data
Of all the steps to take, this is arguably the strongest line of defense against theft and cyber attacks alike. The best form of laptop protection involves encryption. Login passwords alone aren’t guaranteed protection: criminals can remove your laptop’s hard drive and read files directly, and dedicated hackers can break through your operating system’s login screen.
Encryption converts files and data into code, obscuring their true contents and making it much harder for attackers to steal your information. By encrypting your hard drive, hackers and thieves will be unable to boot your laptop or access any files on the hard drive without inputting the correct encryption key. As a result, encryption provides a powerful safeguard against unwanted access attempts—though you might want to store the encryption key on a separate device, like a USB drive or your phone.
Should anything happen to jeopardize your files, having a recent backup of your data can be the difference between an inconvenience and a disaster. Cloud services like Dropbox and Google Drive provide the means to back up data, as do operating systems like Windows and macOS. You can also use external drives, such as USBs and external hard drives .
Whichever methods you opt for, the key is to back up your data at regular intervals—particularly after creating files you can’t afford to lose. As with your hard drive, encrypting your backups is a sensible idea for max protection.
DO:
- Encrypt your hard drive.
- Back up your data regularly, and encrypt those backups too.
- Store encryption keys away from your laptop.
DON’T:
- Put off backing up your files, particularly with important work underway.
- Leave your backups and hard drive unencrypted.
Step #4: Increase your authentication
Your social, professional, and financial accounts are likely all accessible from your laptop, so it’s important to embrace online security measures to protect them. Implementing multi-factor authentication means that attackers won’t be able to access your accounts even with the correct login credentials.
However, not all authentication factors offer equal protection. Online account providers frequently text six-digit verification codes to user phones as a form of authentication—but attackers can easily intercept these messages and use the codes themselves.
Hard tokens, like YubiKeys, provide a more effective layer of laptop security. By plugging this laptop security device into your laptop, you can authenticate web logins along with or instead of your password. Many frequently-used online services, from Windows to Google, support YubiKey-based authentication. Attackers can’t replicate or interfere with YubiKeys, but you do need to keep them in your possession.
DO:
- Use YubiKeys, verification apps, and other authentication tokens to sign in.
- When practical, consider biometric authentication (e.g., fingerprint scanning).
DON’T:
- Rely on passwords or SMS codes to protect your accounts.
- Similarly, don’t rely on security question answers—they’re easy for others to guess.
Step #5: Stay private when in public
While the global data privacy landscape is constantly under construction, there are a few things you can do to increase your online privacy regardless of jurisdiction.
Privacy screens that restrict viewing angles are handy to have if you’re working in public. As unlikely as it may seem, shoulder-surfing attacks do happen, so privacy screens are worth it to block any unwanted glances at your screen—especially if you’re dealing with sensitive corporate data.
If your laptop has a webcam, get a physical cover for it. Hackers can weaponize your webcam and use it to spy on you via remote administration tools. While the LED light next to your camera should always be on when the camera is, attackers can disable the LED on Windows and MacOS. Even the best laptop protection software can’t create a physical barrier: a physical cover is the only surefire protection, removing it only when using the camera.
A VPN adds another layer of internet security for laptops. Using a VPN conceals your identity on public networks and prevents your internet provider from tracking your browsing history. VPNs encrypt the traffic between you and the server, meaning others on the network can’t identify you or see your activity. However, as VPN providers can track your activity, look for one with a proven “no log” policy.
DO:
- Invest in laptop privacy equipment, like webcam covers and special screens.
- Use a VPN to keep your laptop secure on public networks.
DON’T:
- Leave your webcam uncovered while you’re not using it.
- Choose a VPN without a “no logs” policy.
Step #6: Improve your laptop’s physical security
This one sounds obvious, but physical security for laptops involves keeping a close eye on your device. It’s easy for others to steal it from your hotel room, at an airport, from your car, or in plain sight at a café or library. Never leave your company laptop unattended in public, nor in locations that aren’t totally secure.
In places like coffee shops and co-working spaces, securing your laptop to a table with a lockable cable can greatly reduce the risk of theft. Location-tracking software could prove a lifesaver if you ever lose your laptop, but make sure you’re sharing your location with a trustworthy provider: the best laptop tracking software will have been vetted by reputable sources.
This isn’t strictly a security issue, but you’ll want to protect your laptop from physical damage. Adding a cover to your laptop can help you avoid any of the fatal bumps or accidents that can cause data loss.
DO:
- Secure your laptop in public with a lockable cable.
- Use a cover for extra physical protection.
- Install location-tracking software—but only from reputable providers.
DON’T:
- Leave laptops unlocked and unattended.
- Use untested location-tracking software.
Learn more about secure sign-on solutions—and what to look for when choosing one.