S 3.203 Laptop
Description
The term laptop or notebook means a PC that is portable and can be used in a mobile manner due to its design. A laptop is designed more compactly when compared to a workstation computer and may be operated independently of any external power supply for a while. It is equipped with a hard disk and usually with further storage devices such as diskette, CD-ROM, or DVD drives, as well as interfaces for communication using different media (for example modem, ISDN, LAN, USB, Firewire, WLAN). Laptops may be operated with all commonly used operating systems such as Windows or Linux. Therefore, the operating system-specific client module must be considered additionally.
Typically, a laptop is operated alone without any connection to a computer network and from time to time it is connected to the government agency's or company's network for data synchronisation and data backup purposes. Frequently, a laptop is connected directly to external networks, particularly the internet, during mobile use with the help of a modem so that it may be a direct bridge between the LAN and the internet.
Remote data transmission devices (via modem, ISDN card, etc.) are not addressed in this module (see module S 4.3). For the laptop, it is assumed that it is used by only one user within a certain period of time. Subsequent change of users is taken into consideration.
Threat scenario
The following typical threats to the IT-Grundschutz of a laptop are assumed to exist:
Force Majeure
T 1.2 | Failure of the IT system |
T 1.15 | Degradation due to changing application environment |
Organisational Shortcomings
T 2.7 | Unauthorised use of rights |
T 2.8 | Uncontrolled use of resources |
T 2.16 | Non-regulated change of users in the case of laptop PCs |
Human Error
T 3.2 | Negligent destruction of equipment or data |
T 3.3 | Non-compliance with IT security measures |
T 3.6 | Hazards posed by cleaning staff or outside staff |
T 3.8 | Improper use of the IT system |
T 3.38 | Errors in configuration and operation |
T 3.76 | Errors during the synchronisation of mobile devices |
Technical Failure
T 4.9 | Disruption of the internal power supply |
T 4.13 | Loss of stored data |
T 4.22 | Software vulnerabilities or errors |
T 4.52 | Loss of data when using a portable device |
Deliberate Acts
T 5.1 | Manipulation or destruction of equipment or accessories |
T 5.2 | Manipulation of information or software |
T 5.4 | Theft |
T 5.9 | Unauthorised use of IT systems |
T 5.18 | Systematic trying-out of passwords |
T 5.22 | Theft of a mobile IT system |
T 5.23 | Malicious software |
T 5.71 | Loss of confidentiality of classified information |
T 5.124 | Misuse of information on portable terminal devices |
T 5.125 | Unauthorised transfer of data using portable terminal devices |
T 5.126 | Unauthorised photography and filming with portable terminal devices |
Method recommendation
To secure the information system examined, other modules must be implemented in addition to this module, with these modules being selected based on the results of the IT-Grundschutz modelling process.
A host of safeguards must be implemented when using laptops, starting in the conception phase and continuing through the purchasing phase to the operation phase. The steps to take to accomplish this as well as the safeguards to consider in each of the steps are listed in the following.
- Guidelines for the use of laptops
In order to be able to securely and efficiently use laptops in government agencies and companies, a concept should be drawn up that is based on the security requirements for the existing IT systems, as well as the requirements from the planned operational scenarios (see S 2.36 Orderly issue and retrieval of a portable (laptop) PC, as well as module S 3.1 General client).
Building on this concept, the use of laptops must be regulated and security policies must be drawn up (see S 2.309 Security policies and rules for the use of mobile IT). For example, this includes the questions of who may use the system when and for what purpose and whether and how connection to the government agency's and/or company's network is allowed. Likewise, it must be regulated whether and how direct connection of the laptop to the internet is admissible during mobile use.
- Procurement of laptops
When purchasing laptops, the requirements for the particular products resulting from the concept must be formulated, and suitable products must be selected based on these requirements (see S 2.310 Appropriate selection of laptops).
- Secure installation of laptops
Careful selection of the operating system and software components, as well as their secure installation, is necessary in order to exclude the risk caused by accidental operation or deliberate misuse of laptops. The safeguards to be taken at this point strongly depend on the operating system used, which is why they must be implemented within the framework of implementing the corresponding modules, e.g. S 3.4 Unix client or S 3.9 Windows XP client.
Here, safeguard S 4.29 Use of an encryption product for portable IT systems is of particular importance, since laptops are subject to a relatively high risk of theft and the normal system access and data access controls become ineffective if the laptop is controlled by the thief.
- Secure configuration of the installed components
Depending on the security requirements, the software components needed may require different configurations. The safeguards to be taken here also depend on the operating system used, which is why they must be implemented within the framework of implementing the corresponding modules. Additional safeguards are also required here if the rights of several users must be separated. Safeguard S 4.7 Change of preset passwords must also be taken into consideration, since access control is very frequently illusory because the passwords in use are generally known.
- Secure operation of laptops
One of the most important security safeguards when operating today's laptops is to install a virus scanner and keep it continuously updated. Laptops are often operated separately from the company's or government agency's network, or even with temporary internet connections, over extended periods of time. As a consequence, the virus definitions may be outdated on the one hand, and the laptops exposed to high risks of infection on the other hand. The safeguards described in module S 1.6 Protection against malware, first and foremost safeguard S 2.159 Updating the virus protection programs and signatures, are particularly important for laptops. Otherwise, these devices may constitute primary infection sources when connected to a company's or government agency's network.
If laptops are connected directly to the internet when used in a mobile manner, it is essential to protect them against attacks from the internet using a restrictively configured personal firewall. Virus protection alone is not enough to ward off all expected attacks. Likewise, it is absolutely necessary to keep the software on the laptops up to date and to install the necessary security patches promptly. If a laptop that was operated directly on the internet is to be re-connected to the government agency's or company's network after being used externally, a thorough scan should be performed using up-to-date virus signatures to ensure that the laptop is not infected. Only after this has been ensured may the laptop be connected to the local network. This is also applicable if the laptop is connected to the company's and/or government agency's network using a Virtual Private Network (VPN), since viruses may also be spread using encrypted communication links.
When switching between network-connected and mobile operations, the databases must be synchronised between the server and the laptop. In doing so, it must be ensured that it can be discerned at any time whether the latest version of the processed data can be found on the laptop or in the network (see S 4.235 Comparison of stored data on laptops).
In order to be able to detect attempted attacks and misuse, organisational safeguards are especially necessary for laptops. The required safeguards are implemented within the framework of implementing the module S 1.9 Hardware and software management and therefore need no further consideration here. In order to maintain an overview of the laptops currently connected to the local network and to be able to comprehend the configuration of all laptops at any time, central administration of these devices is important (see S 4.236 Central administration of laptops).
Further specific safeguards for stand-alone systems first and foremost include S 4.4 Correct handling of drives for removable media and external data storage and S 4.30 Utilisation of the security functions offered in application programs.
Depending on the physical security provided in a building or office room, it may also make sense or even be necessary to implement safeguard S 1.46 Use of anti-theft devices. During mobile use, safeguard S 1.33 Safe keeping of laptop PCs during mobile use must be applied in order to protect the laptop against theft.
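The reconnection rule described above (a laptop used directly on the internet may rejoin the local network, by cable or VPN, only after a thorough scan with up-to-date signatures) can be expressed as an admission check. The following is an added example, not part of the IT-Grundschutz module; the `LaptopState` fields, the reporting agent and the one-day signature age limit are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional

# Assumed policy value, not taken from the module.
MAX_SIGNATURE_AGE = timedelta(days=1)


@dataclass
class LaptopState:
    """Posture reported by a hypothetical agent on the laptop."""
    last_direct_internet_use: Optional[datetime]  # None: never used externally
    last_full_scan: Optional[datetime]
    signatures_released: Optional[datetime]  # signature set used by that scan
    scan_found_malware: bool
    firewall_enabled: bool
    pending_security_patches: int


def admission_blockers(s: LaptopState) -> List[str]:
    """Reasons to refuse a LAN or VPN connection; an empty list means admit."""
    reasons = []
    if s.last_full_scan is None or s.signatures_released is None:
        reasons.append("no full scan on record")
    else:
        # A scan only counts if it ran after the last external exposure.
        if (s.last_direct_internet_use is not None
                and s.last_full_scan <= s.last_direct_internet_use):
            reasons.append("scan predates last direct internet use")
        # The signatures must have been current when the scan ran.
        if s.last_full_scan - s.signatures_released > MAX_SIGNATURE_AGE:
            reasons.append("scan used outdated signatures")
        if s.scan_found_malware:
            reasons.append("last scan reported malware")
    if not s.firewall_enabled:
        reasons.append("personal firewall disabled")
    if s.pending_security_patches > 0:
        reasons.append("security patches pending")
    return reasons


# Constructed sample states (not real telemetry).
T0 = datetime(2024, 5, 6, 8, 0)
SCANNED_BEFORE_TRIP = LaptopState(
    last_direct_internet_use=T0 + timedelta(hours=30),
    last_full_scan=T0, signatures_released=T0 - timedelta(hours=4),
    scan_found_malware=False, firewall_enabled=True, pending_security_patches=2)
RESCANNED_AFTER_TRIP = LaptopState(
    last_direct_internet_use=T0 + timedelta(hours=30),
    last_full_scan=T0 + timedelta(hours=48),
    signatures_released=T0 + timedelta(hours=40),
    scan_found_malware=False, firewall_enabled=True, pending_security_patches=0)
```

A clean scan taken before the laptop went online does not satisfy the rule, which is why the check compares the scan time with the last direct internet use instead of only looking at the scan result.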
- Disposal
When handing over laptops to other users, regardless of whether within the framework of normal operations or when disposing of laptops, it must be ensured that no information worthy of protection remains on the hard disk. For this, the safeguards S 2.36 Orderly issue and retrieval of a portable (laptop) PC and possibly also S 4.28 Software reinstallation in the case of change of laptop users must be taken into consideration in particular.
- Data backup of laptops
The data backup procedure and the amount of data backed up depend on the operational scenario of the laptop (see safeguard S 6.71 Data backup for a mobile IT system).
The bundle of security safeguards for a laptop is presented in the following.
Planning and design
S 2.36 | (B) | Orderly issue and retrieval of a portable (laptop) PC |
S 2.218 | (C) | Procedures regarding the personal transportation of data media and IT components |
S 2.309 | (A) | Security policies and rules for the use of mobile IT |
S 4.29 | (Z) | Use of an encryption product for portable IT systems |
Purchasing
S 2.310 | (Z) | Appropriate selection of laptops |
Implementation
S 5.91 | (A) | Use of personal firewalls for clients |
S 5.121 | (B) | Secure communication when travelling |
S 5.122 | (A) | Secure connection of laptops to local networks |
Operation
S 1.33 | (A) | Safe keeping of laptop PCs during mobile use |
S 1.34 | (A) | Safe keeping of laptop PCs during stationary use |
S 1.35 | (Z) | Pooled storage of portable IT systems |
S 1.46 | (Z) | Use of anti-theft devices |
S 4.3 | (A) | Use of virus protection programs |
S 4.27 | (A) | Laptop access protection |
S 4.28 | (Z) | Software reinstallation in the case of change of laptop users |
S 4.31 | (A) | Ensuring power supply during mobile use |
S 4.235 | (B) | Comparison of stored data on laptops |
S 4.236 | (Z) | Central administration of laptops |
S 4.255 | (A) | Use of the IrDA interfaces |
Disposal
S 2.306 | (A) | Reporting losses |
Contingency Planning
S 6.71 | (A) | Data backup for a mobile IT system |