There have been a number of recent thefts of laptops, which had been left in unlocked rooms on the parliamentary estate. On this occasion a police investigation has resulted in someone employed on the estate being charged with the theft of these items.  In most cases however, once a laptop has been stolen, there is little expectation that it will be recovered and it is therefore sensible to take reasonable precautions to reduce the risk of such crimes. 

It is not just the inconvenience to the user and the cost of replacement which must considered, but more importantly all the information contained on the machine, both business and personal, may be available to an unauthorised individual. 

The attached document provides a number of laptop theft prevention "best practices", which should be adopted to reduce the risk of IT equipment theft and associated data, from public and other vulnerable areas both within the estate and whilst working remotely.

If you require further advice and guidance on crime prevention or data security, please contact the specialists below:

Bill Ramsey     Crime Prevention Officer        x3822
       
Mark Bailey     Parliamentary IT Security       x3468

Use of Laptops and other portable IT equipment:

Due to the risk of loss or theft of portable IT equipment, such as laptops and Personal Digital Assistants (PDA), all users are recommended to adopt the following security best practices.  Portable IT equipment is by its’ very nature, compact and easy to transport, therefore, if the proper controls are not implemented, such items are susceptible to theft.  Do not forget, it is not just the physical item that could be stolen, but all of your Parliamentary and personal data.  The IT equipment itself can be fairly easily replaced, but if you have not taken a recent back up of your data, it is extremely unlikely this will be recoverable.       

Best Practices to reduce the risk of data loss or unauthorised data access:

• Take regular data back ups, do not forget to test a restore periodically

• Do not keep your data back ups near the IT equipment, if the laptop is stolen or destroyed in a fire, the back up would be destroyed too!

• Choose a strong password that is easy for you remember for hard for others to guess.

• Do not share this password and do not write it down

• Use a security cable at all times to reduce the risk of laptop theft

• Ensure portable IT equipment is included in the asset register

• Property mark the equipment overtly or covertly

• Only use a standard screensaver

• Use a power on password

• Consider installing disc and/or email encryption software

• Lock your screen when leaving your desk, even for a few minutes (Ctrl/Alt/Del)

• Log off correctly, power off and lock your laptop away at the end of the working day

Whilst travelling or working remotely from the Parliamentary Estate:

• Ensure that when using your IT equipment in a public place, the contents of the screen cannot be overlooked and the information gained by an unauthorised individual

• Carry your portable IT equipment in an anonymous bag/case

• Ensure you regularly update your anti-virus software, they are approximately 500 new viruses appearing each month

• Do not bypass your anti virus software, it is there for your protection

• Ensure your personal firewall is active prior to using the Internet

• Do not load unauthorised or unlicensed software

• Do not leave unattended in a motor vehicle, not even locked in the boot!

• When in a hotel or conference centre, use a security cable to secure the device or leave in a secure room provided by the establishment

• Avoid taking your laptop “to the pub”, but if you cannot make alternative arrangements,  when visiting restaurants, cafes, bars or waiting at stations, airports, ensure you keep your laptop in close proximity and in sight at all times

At Home

• You should not allow any unauthorised person, even a family member, unobserved use of the laptop.  This will increase the risk of Parliamentary and personal information being copied, altered or even deleted, perhaps in error. 

• Avoid the risk of liquids being spilt into the laptop, this could cause a major problem with data recovery

• Do not use or locate your laptop near an open, ground floor window