Secure Laptop Exchange Program





	UIS Rapid Response Team Security Initiatives Secure Laptop Exchange Program What to do before your Secure Laptop appointment What will happen during your Secure Laptop appointment More Questions and Answers Information Classification (UIS Security Office) Working with Confidential Data Identifying Existing Social Security Numbers Mapping an EFS Drive Using the Eraser Tool to Remove Confidential Data	Secure Laptop Exchange Program What is the Secure Laptop Exchange Program? Georgetown University's commitment to information security creates an environment that protects information from security threats that could compromise privacy, productivity, reputation, or intellectual property rights. Our commitment recognizes the vital role that information plays in the educational, research, operational, and medical advancement missions of the University, but places emphasis on the importance of taking the necessary steps to protect information in all forms. With the aim of supporting such measures, Georgetown University is conducting the Secure Laptop Exchange Program. The program is a vital step toward protecting confidential data in the event that a University laptop is stolen, lost or compromised. The program involves the exchange of current University issued laptops for a model with enhanced security features. These features include a three-factor security element involving biometric authentication (fingerprint and password) in addition to the user's current network password, and an encrypted hard drive. This laptop will also have enforced security policies as it is meant to be a 'work-only' computer. Designating these laptops as work-only computers is a security effort being enforced by the University in order to lessen the possibility of exposure to viruses and malicious attacks on user data. Each laptop will also have 3 years of Computrac service that provides system location information to law enforcement officials in case of loss or theft. As part of the program, University Information Services (UIS) staff will contact you directly and make an appointment with you to guide you through the exchange process. During this appointment, technicians will configure your new laptop for you, help scan your existing data for security issues, install software you need, and offer guidance as to secure laptop usage. Who is the program for? Laptop users who need to store confidential information including ePI or Electronic Protected Information (what is 'ePI' and 'confidential' information?) on their portable computers. Note: Due to the possibility, however slight, that something may go wrong with the disk encryption, we strongly recommend that users: (1.) Keep the amount of irreplaceable data on the system to a minimum; (2.) Maintain secure backups of the data. For those users who have received an appointment meeting from UIS staff, please follow the instructions below prior to your appointment. What should I do prior to Laptop Exchange? Questions What will happen during the laptop exchange appointment? What do I do if my new laptop is stolen or lost? How do I maintain the security of my new laptop? What support will I get for my new laptop? What will happen to my old laptop? What are the different categories of electronic information? What are ePI and confidential information? What make and model are the new laptops? 1. What do I do if my laptop is stolen or lost? Change your NetID password immediately (to deny access to university servers). Report the theft to local authorities (police, etc.) first, then contact the GU security office or your Departmental Technical Representative (DTR). Remember, the laptop computer will be clearly marked with property or identification tags. The University Security Office will make a report of the loss or theft and will work with Computrace and law enforcement to retrieve the laptop. 2. How do I maintain the security of my laptop? Physical Security Secure your laptop in a locked cabinet (preferably metal) when not in use Secure your laptop to a heavy object using a locking cable Do not leave your laptop unattended on your desk Use only university-licensed software on your laptop Wireless access to the computer should be disabled when not in use to prevent unauthorized wireless access to the computer. The laptops have a switch on the left side that can do this. Wireless access should be configured to query the user for confirmation before connecting to wireless networks Password Security Use a memorable, but hard to guess, password Passwords should be a minimum length of six characters and include a combination of numbers, symbols, letters, and caps Do not write passwords down or use 'post-it' stickers to stick passwords to your laptop, ever Change your password frequently Do not configure keyboard 'hot-keys' or modem software to automatically log in or to save passwords If there is any evidence of compromise or breach, change your password immediately and contact the UIS security office Backup Data and Protect your Disks Avoid extreme temperatures, liquids and magnets Conduct frequent back-ups Make backups of critical data stored on disks Label and store backup disks in a secure, safe location Scan all disks prior to use to protect against viruses Confidential data should not be stored on your laptop unless it can be encrypted Security when Traveling Avoid using computer bags. Computer bags can make it obvious that you're carrying a laptop. Instead, try putting your laptop in something like a padded case or back pack. Never leave access numbers or passwords in your carrying case. Keeping your password with your laptop is like keeping the keys in the car. Use a screen guard. These guards help prevent people from peeking over your shoulder as you work on confidential information in a public place. Do not leave your laptop clearly visible inside a vehicle At the airport, keep your laptop with you at all times Use caution when processing your laptop through airport Security Never check your laptop in as baggage Keep your eye on your laptop. When you go through airport security don't lose sight of your bag. Hold your bag until the person in front of you has gone through the metal detector. Many bags look alike and yours can easily be lost in the shuffle Avoid setting your laptop on the floor. Putting your laptop on the floor is an easy way to forget or lose track of it. If you have to set it down, try to place it between your feet or against your leg (so you're always aware it's there) Do not take your laptop or disks through the walk-through magnetic scanner or allow a handheld scanner to be used on them Wireless access to the computer should be disabled when not in use to prevent unauthorized wireless access to the computer 3. What will happen to my old laptop? Once your files and settings are transferred to the new laptop, a complete backup of your data will be made, and will be held in a secure location for 30 days. After confirmation that the backup is good, all data on the laptop itself will be securely erased. The laptop will then be repurposed for other non-secure uses at the University. 4. Will I have administrative rights to my computer? Users will not have actual administrative access to the computer. You will be or will not be allowed the following: You will be able to log in and use applications You will be able to customize your own personal environment You will not be able to install additional software You will not be able to install hardware which requires driver installation You will not be able to modify system-wide settings 5. What make and model are the new laptops? The secure laptops are Dell Latitude D630s with 2 GB of RAM and 80 GB hard drive and thumb print reader.