Laptop With Secrets Sold On eBay For £82

According to a recent article in the Times on Tuesday, a laptop containing sensitive military documents was found on eBay.

Worst still, the laptop had the default username and password of “guest” and allowed the buyer to browse all the information unhindered.

What does this mean for the typical company – and size is irrelevant here as it applies to one or a hundred laptops.

In a rush to work from home with the Covid-19 Coronavirus outbreak, laptops are being rapidly deployed and loaded up with company data and documents without taking sensible precautions and possibly not considering if data could then be compromised further on.

There are some simple steps that can solve the main areas of risk and give peace of mind when managing your company running from staff home premises were business-grade security would not usually be in place.

Whoever you use for your IT support and security, have them confirm if they have carried out the following or are able to offer the technology to lock things down.

1. Make sure default guest accounts are disabled, and the admin accounts are renamed to mycompanyadmin or similar. Make sure the password is sophisticated and not used anywhere else.
2. Install Antivirus and AntiMalware Technology – obvious really, but are the licences, management and detection configured to be maintained while outside the office – are the updates dependant on being in the office and are you confident that you can see the updates are being applied.
3. Ensure Bitlocker for PCs or Filevault for Mac to encrypt your laptop storage drives – if you ever lose the laptop, all the information will be rendered useless.
4. Sophos Technology can be used to manage an entire company in one go to help with GDPR compliance at the same time.
5. Protect yourself with Multi-Factor Authentication. This simple technology augments the simple password so that a regularly changing number via a smartphone has to be typed in along with a password to be able to log in – virtually uncrackable and ensures that only authorised people can gain access.
6. Use a fully hosted platform like the CIS Bunker Remote Company System where all users and data are kept in a secure environment that doesn’t require data to be kept physically on individual laptops, therefore any theft or loss of the laptop will not affect data security.