Securing Your Devices, Physically and Digitally

Securing your laptop or other device both physically and digitally can significantly reduce the risk of the device or the information it contains falling into the wrong hands. Physical security could mean locking the laptop away in a desk when you leave work for the day or using a cable and lock to secure it to your workstation. According to Information Security Analyst Bob Therina, “we wouldn’t leave an expensive watch or jewelry on our desk every night, but most of us don’t give a second thought while we leave $2,000 computers sitting out in open office spaces”.

The best strategy for keeping our devices safe begins with the way we set up our devices for daily use. Therina says, “For most of us, the data on our devices is more valuable than the device itself”. As a result, some precautions should be taken to ensure that a bad actor won’t be able to access our data, even if they physically obtain our device. According to Therina, “There is really no substitute for encryption. For MAC users, that would be enabling FileVault. For Windows Professional users that would be Bitlocker. For other versions of Windows that don’t have BitLocker, a good choice would be VeraCrypt. Apple mobile devices and Android devices produced in the last 4 or 5 years are encrypted if they have a password and/or biometric access enabled”.

Whether or not encryption has been used will inform the way we approach investigating missing devices. Therina says, “In general, if the device is encrypted, it’s not a breach. If it’s not encrypted, we try to determine what kind of data was on it and how much”. While encrypted devices eliminate most of the risk of a data breach, non-encrypted devices require some additional work to determine that valuable and private information hasn’t fallen into the wrong hands. Therina says, “For laptops that are unencrypted, the protection you might do after the fact depends on what information the thieves might have available should they go through the files on your device. Financial accounts? SSNs? Addresses? Passwords? Some things can be changed, and some can’t.”

You can read more about what to do if your device is lost or stolen on the Lost Device page on our Office of Information Security website. If your device is stolen, you should contact the appropriate police department, then reach out to the Office of Information Security at infosec@wustl.edu or by calling 314-747-2955. If you are on the Danforth campus, you should contact WUPD at 314-935-5555, and if you are on the Medical Campus, you should call Washington University School of Medicine Protective Services at 314-362-4357.