Tactical Advice

End-Point Security

Consider five technologies that can maximize the protection of your end users' data.
This story appears in the September 2009 issue of BizTech Magazine.

Threats to end-user systems come in all shapes and sizes — from standard-issue viruses and worms to more nefarious threats such as malware, spyware and botnets — and they are growing by the day.

Physical threats are also on the rise; a lost or stolen notebook can be disastrous for your business if sensitive data becomes easily accessible. Eliminating risk entirely may not be possible, but there are technologies that your help desk can use to limit both risk and consequence.

Here are five tools to help protect your company’s systems:

1. Prevent problems with power-on passwords.

One often-overlooked feature built into most computers is a power-on password. This function, when enabled, requires entering a password before the machine completes its power-on self-test and starts its boot routine. This is useful in protecting notebooks because it renders them useless if lost or stolen.

Enabling a power-on password is often as simple as hitting an assigned key to enter the BIOS, OK’ing the feature and setting the password. Have the help desk set one before deploying a machine; otherwise, whoever uses the computer first will be able to set it.

2. Lock it down with BitLocker.

If your company uses Microsoft Windows Vista Enterprise, Vista Ultimate or Windows 7, consider taking advantage of BitLocker. It can encrypt the entire system partition of a user’s hard drive and require authentication before access.

Authentication is provided either by using a password or a USB key, or it can be transparent, using a client machine’s built-in Trusted Platform Module. This authentication protects the drive’s contents from being accessed by users who boot from a CD or USB drive, or who — if a notebook is lost, stolen or otherwise compromised — mount the hard drive in another machine.

3. Let your fingers do the talking.

If your help desk is looking to enhance user security while reducing call volume, consider giving your mobile users notebooks equipped with fingerprint scanners. These are inexpensive, convenient and make forgotten passwords a thing of the past.

Users simply walk through a one-time “fingerprint enrollment wizard” to scan in one or more fingerprints, binding them to passwords; and from that point they can use a simple fingerprint swipe to log into everything from Windows to web pages. This adds convenience to the end-user experience, and can reduce the number of lost passwords and locked-out user accounts.

4. Keep your removable data safe and secure.

Removable storage has evolved since the days of 64-megabyte flash drives. Not only is external storage now capable of holding exponentially more data, but it can also support miniaturized versions of encryption and authentication technology once thought impossible.

External drives today are more secure than ever, thanks to authentication methods ranging from passwords to fingerprint readers to radio frequency identification tokens.

5. Police unwanted software with policy management.

Although many companies use web filtering software and firewall controls to keep users out of trouble in the office, it is still fairly common for mobile users to send machines in for repair or re-imaging because they were compromised outside of the office.

To mitigate this, consider using a centralized client policy solution. Client policy management software runs as a service on machines and reports back to a central management server. Administrators can configure and update policies to allow or disallow executables from launching; then, only authorized software can run or be installed. This will not only keep machines healthy but also help contain malware outbreaks.

Jason Holbert is a Tier II desktop support technician at Harcros Chemicals, a chemical distributor in Kansas City, Kan.
Sign up for our e-newsletter


Heartbleed: What Should Your... |
One of the biggest security vulnerabilities has almost every user and every industry...
Why Businesses Need a Next-G... |
Devices investigate patterns that could indicate malicious activity.
Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....


The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Businesses Must Step Careful... |
Slow and steady wins the race as businesses migrate IT operations to service providers,...
Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...


Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Mobility: A Foundational Pie... |
Other technologies rely on mobile computing, which has the power to change lives, Lextech...
Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.

Hardware & Software

Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....
New Challenges in Software M... |
IT trends such as cloud, virtualization and BYOD pose serious hurdles for software...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.