Securing the mobile PC - Windows 2000 style

Some tips on how to try to plug the security hole represented by mobile workstations.

This Content Component encountered an error

Securing the mobile PC - Windows 2000 style
Adesh Rampat

Mobile computers are a security nightmare. They can be lost or stolen easily, and then their data is available to whoever happened to pick them up. Worse, they might have an installed connection, such as a VPN, right into your corporate network. Here are some ideas that will help plug that security hole.

Got a Windows security tip of your own? Why not send it in? We'll post it on our Web site, and enter you in our tips contest for some neat prizes.


You may have some mobile Win2k users who need a higher degree of data protection than their non-mobile counterparts. Whether applied by the user or an administrator, here are some major security features that can be applied to protect data on a mobile computer.

 

Apply NTFS Permissions

Data security on a mobile computer can be enhanced through the use of NTFS permissions through which you can allow/restrict access to files/folders on the installed hard drive. When applying permissions, however, be careful about granting permissions to group everyone.

User Accounts

Make sure that mobile computers only have one user account (excluding the administrator and guest accounts). The fewer people who have access to the information on the mobile computer, the better.

Also, the Windows 2000 username should not be the name of the current user; it should be some other name that isn't particularly easily guessed. For example, instead of John Doe, try jdoe5521, or doej2155. These are fairly easily doped out, but not as easily as johndoe.

Rename the administrator account.

Rename or disable the guest account.

The only time anyone should use the administrator account is when performing administrative tasks such as software installations, etc.

If the current user needs to grant temporary access to another user, then log on as administrator and create a temporary account for the new user. Be mindful of the permissions granted in this case, and remove the account as soon as possible.

Encrypted File System

An excellent security feature that can be used in the protection of data is Windows 2000 encrypted file system. File encryption prevents data from easily being available to an unauthorized user. Here's how to encrypt the contents of a folder:

  • Right click the file or folder.
  • Then Click on Properties.
  • On the General Tab click Advanced.
  • If the "Compress Data to Save Disk Space" box is checked, clear it. Files or folders that are compressed cannot be encrypted.
  • Check the box that reads "Encrypt Contents to Secure Data."
  • Click OK to confirm.

The Windows help files contain more information on encrypting folders and files.

Service Pack Updates

Service pack updates can play a major role in data security when used in conjunction with the above-mentioned security procedures. Visits Microsoft's web site periodically for any new service pack updates. If your notebook users are remote from your location, then you should establish a notification procedure to remind them to get new service packs/updates.


Adesh Rampat has 10 years experience with network and IT administration. He is a member of the Association of Internet Professionals, the Institute for Network Professionals and the International Webmasters Association. He has also lectured extensively on a variety of topics.

Did you like this tip? If so, (or if not) why not let us know. Send an email to us and sound off.

Related Book

Maximum Windows 2000 Security
Author: A Anonymous
Online Price: $49.99
Publisher Name: SAMS Publishing
Date published: October 2000
Summary:
Reveals the holes and weaknesses that compromise Windows 2000 security and how to fix them. Teaches practical, pre-emptive countermeasures against tricks and techniques employed by hackers. Same anonymous hacker who wrote the best-selling books Maximum Security and Maximum Linux Security.


This was first published in September 2001

Dig deeper on Windows Data Storage Administration Tools

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close