How do I keep data on my laptop secure?
Laptops get lost and are easily stolen. The simple answer to this question is therefore that,
if you have personal information on a laptop – perhaps payroll or other staff information, or
customer information – and particularly where the information could be used to cause an individual
damage or distress, (eg financial or medical information) the laptop's hard-drive should be
encrypted. The level of laptop
encryption should be regularly reviewed to ensure that it is sufficient. Organisations must
also have policies/procedures on the appropriate use and security of laptops, and staff must be
properly trained to follow these procedures. Organizations that lose unencrypted laptops (or
CD-ROMs) face enforcement action from the ICO and from their own regulatory bodies (eg the FSA), as
well as brand damage.
This was first published in January 2008