Computerworld - I sat at my desk, staring at the whiteboard on the wall. I was plagued with security insecurities and a massive headache. My allergies were feeding the headache, but at the root was stress. I had a lot on my mind, including what to do about laptops.
When I'd woken up in the morning with the headache and all the signs of a major allergy attack, I'd first popped an allergy pill. Then I gulped down a huge mug of coffee as I started the drive to work. I still had the headache an hour later when I arrived. I next went for the headache pills and a huge latte. I added a healthy dose of nicotine into the mix just for good measure. Nothing seemed to be working, and now I was throwing handful after handful of M&Ms into my mouth.
I knew that trying to drown the headache in caffeine, nicotine and chocolate was probably the worst treatment method, but we don't always act rationally. I had a problem, no solution was coming to me, and I was feeling frustrated.
Laptops present a security dilemma. They are among the best productivity devices ever created, but they may also be the single largest security threat to corporate and government networks. Their utility means they aren't going away anytime soon, but their vulnerability means things can't continue as they are. Like security managers everywhere, I read about incidents such as laptops that contain vital and sensitive information being stolen, and I shudder.
But I certainly appreciate the value of a laptop. Mine goes everywhere I go, and I connect it to a variety of networks wherever I am.
Security Willies
Lately, employees of the state agency I work for have been starting to tune in to how nice a laptop can be for getting work done while on the road.
But I have enough experience that this productivity enhancement gives me the security manager willies. When I worked in the private sector, we had a major security breach involving a remote laptop connected via a home DSL connection. A hacker had compromised the home network, gained administrative privileges and changed the password. He then achieved remote access through the VPN and tried to hack into a corporate database. It was then that we noticed we had an intruder.
The laptop had been compromised through a known vulnerability. The machine had been in the field for a year without being properly patched and updated. Even though this happened years before such incidents had to be disclosed to consumers, it got upper management's attention. After long ignoring the screams and pleas of the security and IT teams for a way to secure and manage remote laptops, the company suddenly coughed up the funds to buy remote management software.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
