Click to return to CIT home page

 

 

Laptops offer a great convenience due to their portability. This portability, however, makes them a target for thieves, both for physical loss of the actual computer, and for data loss if accessing information insecurely (i.e., insecure transmission via wireless connectivity).

Several people at Oberlin College have already had their laptops stolen: students carrying them on campus and setting them down briefly, students leaving them unattended in unlocked residence hall rooms, a faculty member traveling on the road. People have also had data stolen through wireless transmission while on the road. One person reported the theft of his credit card information after placing an order on his laptop while connected via wireless at a coffee café.

If this happened to you, would important data be lost? Would your personal data be vulnerable (your Social Security Number, tax information, personal financial information, credit card numbers)? Would important, confidential, work-related data be vulnerable (Social Security Numbers, personnel information, financial information)?

Your computer's security is your responsibility, whether it's your personally-owned computer, or your college-assigned computer! It is imperative you take precautions when using any computer, but particularly when you are using a laptop, due to its unique vulnerabilities.

To protect yourself and Oberlin College from potentially dire consequences, please take the following precautions at all times:

1. Confidential data: Do not download confidential data to your computer unless you need to work on it. If you must work on confidential data, the preferred method is to keep the data on the applicable server at Oberlin College and use VPN to access that data. (VPN=Virtual Private Network. This requires use of a VPN client which must be downloaded onto your computer prior to leaving campus. See details online regarding the use of VPN.) If you must work on the data on your laptop, be sure to remove it when done. If you must keep the data on your computer for extended periods, keep the data encrypted at all times when not using it. If you must encrypt data, MAKE SURE you have the encryption password/key stored in a secure location, as well as retaining an unencrypted version of the data in a secure location. Information on encrypting data is provided online. Remember, confidential data can be work-related, as well as personal information about you, such as your Social Security Number, credit-card or bank information, account logins and passwords,home address, etc.


2. Wireless: When connecting via wireless, understand that this is a very insecure transmission mechanism. This is true for wireless connections anywhere - in airports, hotels, conference rooms, Internet cafés, even at Oberlin College. We highly recommend you use VPN for all wireless transmissions, including e-mail, but this is especially critical when using any confidential data. See online information on the use of VPN.


3. Password Protect. Use a password-protected screen-saver and/or login and make sure to log out of your computer when leaving it unattended.


4. Keep system patched and updated: Keep the operating system patched and anti-virus software updated. If you are traveling, make sure you do this before departing. College-owned Windows computers attached to the campus network are configured to do this automatically, but need to be rebooted for the patches and updates to be applied. Prior to departing, connect to the college network, login, and reboot the laptop. For Macintosh computers, run Software Update (Click on System Preferences -> Software Update - Check Now). If you need assistance, contact the CIT Help Desk in Mudd 005, x58197, cit@oberlin.edu (faculty and staff); or visit the SCSC (Mudd 052) or your RCC (students).


5. Have current backups: Make sure your files are regularly and properly backed up. If you use a backup drive, do not keep it near your computer. Instead, store it in a secure location, such as a locked cabinet. Never store your data ONLY on your laptop. Store it in other locations, as well - on a jump/flash drive, in your LOCKER space on the college's file servers. on an external drive, etc.
   
6. Unplug when done: When you are not using your laptop, unplug it from Internet access and/or shut it down. This is particularly important for Windows computers, which are more prone to viruses, worms, spyware, and hacking attempts. Also, as a matter of course for any computer, be careful of what websites you visit, what things you download, and what e-mail attachments you open. All of these actions can lead to spyware and viruses being loaded onto your computer.


7. Lock your laptop. Try not to leave your laptop unattended, but, if you must, make sure it is locked. Laptop locks/security cables are provided by CIT for college-owned laptops, and are sold in the Computer Store for personally-owned laptops. If you must leave your computer in a hotel room, use the hotel room safe (if provided and if large enough) or lock it securely to an immovable object from which the lock/cable cannot be readily removed. However, note that locks can be picked and cables can be cut. Be sure to also safeguard your data! (Password-protect your computer and use encryption. See numbers 8 and 9 below.)


8. Lock your office/room. If you use a laptop, close and lock your office or residence hall room door whenever you leave. It's also a good idea to lock your computer even when in your office or residence hall room. Be sure to close and lock windows, as well, whenever leaving your office/room, especially if you are on the ground floor level.


9. Don't leave laptop in plain view. Do not leave your laptop in plain view of windows. Lock it in a closet or cabinet, or close blinds or curtains. If leaving unattended in a vehicle, place it in the trunk.


10. Identify your laptop. If this is your personal laptop, have your name etched into the case. Make it obvious. Many thieves will not take a laptop that is permanently and easily identified. If this is a college-owned laptop, make sure there is an identifying label on the computer and identifying information on the laptop bag. (Do not permanently etch your name into a college-owned laptop.) Write down your laptop's serial number, make and model and store this information in a secure location. If your laptop is ever stolen, this may help in the recovery.


11. When flying: When flying, NEVER put your laptop in checked baggage. Always carry it with you as a carry-on.

Tracking Utilities: We do everything we can to trace computers stolen on campus, but is usually very difficult to recover a stolen laptop. There are software utilities available, at a cost, to help trace your computer if stolen. CIT does not provide these utilities, but you may want to consider purchasing one. This is highly recommended if you have confidential data stored on your laptop. (There are several available, such as PC Phone Home. For a more complete list, google "Computer Tracking Programs".)

If your laptop is stolen, contact the Oberlin College Office of Safety and Security (159 West Lorain St., 775-8444). Provide as much information as possible - make, model, serial number, MAC (hardware) address, and IP number, if known. If this is a college-owned computer, contact CIT as well. Faculty and staff: If this is a college-owned computer, or a personal computer on which you have done college work, contact Linda Iroff (775-8780), Director of Desktop Replacements, or John Bucher, Director of Information Technology/Chief Technology Officer (775-8700).

If you need any assistance, or have any questions about laptop security, contact the CIT Help Desk in Mudd 005, phone: 775-58197, or via e-mail to cit@oberlin.edu.

REMEMBER: COMPUTER SECURITY IS EVERYONE'S RESPONSIBILITY!