Best Practices
Ultimately, the security of information stored on laptop computers and mobile devices will rest with how seriously users take securing these assets and how well users follow guidelines and security polices for protecting their laptops. Although you can use technology to secure these devices to a certain extent, you must train users to do their part in securing laptop computers and mobile devices.
If the risk to your organization from supplying users with laptop computers is high enough, consider using hardware locking devices.
Passwords that prevent an attacker from booting a laptop computer, even temporarily, will increase the security of your network and the information stored on a stolen computer.
For users that will be connecting to untrusted networks, install Windows XP or a personal firewall application to prevent an attacker from compromising the computer. Be sure to show the user how to use the application.
The security provided by WEP is not strong enough to prevent knowledgeable and skilled attackers from compromising data sent on wireless networks. 802.1x provides secure authentication, dynamic key exchanges, and data transmission security.
To protect information on laptops issued to employees who will install wireless networks in their homes, create guidelines on what wireless access point to install and how to implement basic security measures, such as disabling SSID broadcasting, enabling WEP with shared key authentication, and MAC address filtering.