I recently visited one of my company's satellite offices, and one of my colleagues said he was experiencing problems with his laptop. I offered to examine the system, but he declined saying the system contained "sensitive data" that I wasn't authorized to view.
After a bit more prodding, it turned out that the valuable, highly sensitive data on his laptop wasn't backed up anywhere, nor was the notebook's hard drive encrypted. That critical data was vulnerable to viruses and system failures, and it was at risk if the notebook was ever lost or stolen.
Last year, I wrote an article called Endpoint Security: How to Protect Data on a Laptop that offers various measures to protect data from unauthorized access. These include simple steps like using strong BIOS and Windows account passwords or using biometric enhancements like fingerprint readers. The most effective technique by far, though is encrypting the contents of an entire hard drive; this prevents anyone from accessing that data, even if the drive is installed into another system. With these measures in place, you can feel secure that the data is safe from all but the most talented malcontents.
The incident with my colleague made me reflect on that column. While the tips will help keep data secure, some people's carelessness will always put their data at risk. People are notorious for not backing up data regularly. This is especially true for mobile employees who store data on various portable devices.
So even if my colleague's data was encrypted and password protected, not having a physical backup of this "sensitive" data could have been disastrous. Perhaps the best way to truly keep your data safe is to never actually store it on your laptop or mobile device in the first place.
Now I know what you're thinking. "How could you do that? It's not practical." Well, at times it might not be especially convenient, but it is certainly practical. There a number of methods you could employ that would let you access your data, yet never place it at risk of being lost or compromised. Let's look at a few of them.
Access Data Over a VPN
Using a VPN, you can use a public network -- like the Internet -- to establish a secure connection to a private network -- like the one in your office. Once you establish this virtual connection, employees can access all of the network resources -- such as their data -- that would be available to them if they were in the office. A variety of methods exist for creating a VPN. Some are dedicated hardware solutions, others are built into the router and make use of 3rd party clients, and a few are even free. Windows Vista and Windows 7 both have built-in VPN support.
In 2008, I wrote an article called How to Setup a VPN in Windows Vista, which describes how to setup and configure both the host and client side VPN connection. Does your business run on Windows 7? You can still refer to that article, because the process for setting up a VPN in Windows 7 is practically identical.
Another method to consider, which is even easier is to implement, is a VPN service like LogMeIn Hamachi. This client is free for personal use, but small businesses need to purchase either a monthly or an annual subscription. The great thing about Hamachi is that this is a managed VPN designed to easily establish direct links between computers that reside behind firewalls, with none of the extensive configuration options necessary when using the built-in Windows version. Just be sure to check your company's IT policy before attempting to employ such a solution.