4 laptop security trends you should know about

These new techniques and products are not as widely known, yet they are effective for any laptop-carrying business worker who needs to fend off the latest attacks.

For most business users, there’s one common device we all use that is still a common attack vector for hackers. We carry them with us everywhere, and we store most of our important files on the local drive, even if it’s just temporary. A laptop has more storage, more connection options, and more legacy apps than any smartphone or tablet.

For any business, it’s important to take laptop security seriously, even if you already have an endpoint security product in place and teach enterprise users about best practices. Hackers are industrious; they develop new techniques and know that one of the easiest ways to steal passwords, break into file archives, and intercept a confidential email is through a laptop.

These new techniques and products are not as widely known, yet they are effective for any laptop-carrying business worker who needs to fend off the latest attacks.

1. Laptop kill switch

Any security professionals who watched a recent Mark Zuckerberg live chat recently noticed he had a piece of tape over a webcam. Instead of using that low-tech approach, some laptops like the Purism Librem 13 have a kill switch that disables all wireless connections, the webcam, and the built-in microphone in a reliable way with one click.

“The popularity of hardware kill switches highlights just how much users distrust the software running on their own computers,” says Josh Lifton, the founder and CEO of Crowd Supply, a site for people to build and promote hardware projects. “The act of physically flipping a switch is empowering and rebuilds some of the trust between users and their machines.”

2. Microsoft Hello authentication

Laptop makers like Dell and Lenovo are starting to roll out new models that support Microsoft Hello. There’s an infrared camera that can scan your face and grant access, a way to eliminate passwords. Because the infrared camera scans so thoroughly, it’s difficult to hack. And, the camera and technology are built into the laptop and Windows 10, so it’s easy to use.

“It's been striking to see the success Microsoft has enjoyed through security features in Windows 10 and Microsoft Hello,” says Charles King, an analyst with PUND-IT. “Earlier this year, the Pentagon ordered Windows 10 to be installed on over 4 million military PCs, in large part due to a desire to deploy a secure, standardized single PC platforms.”

3. Bulletproof Gmail access

One of the most common attack surfaces for any laptop user is to compromise your email, usually by guessing a password. Why is that? For hackers, gaining access to your email means accessing bank accounts, social media, and all of your files. Fortunately, Gmail provides two-factor authentication using a USB hardware key like the YubiKey. It means, for any laptop, you can only gain access to email if the key is present in the USB drive.

“Yubico’s vision is to enable internet users to have one single and secure key for securing access across from any device to any number of services,” says Ronnie Manning, a YubiKey spokesperson. “Additionally, they are crushproof, waterproof and require no drivers or battery. The YubiKey NEO hardware key also supports NFC for mobile authentication.”

4. Dell Advanced Threat Prevention

Dell has a taken a fairly radical approach with laptop security. Instead of pre-installing virus checkers and spyware scanners, which consume extra memory and need constant updating, their Advanced Threat Prevention software looks for suspicious activity. It does not connect to the cloud so it works at all times. It blocks a compromise within 1.2 milliseconds by looking at the underpinnings of the code rather than scanning for known virus and malware signatures.

“Dell threat detection with the built-in artificial intelligence and machine learning technologies protect against zero day attacks and other advanced persistent threats, as well as targeted attacks like ransomware and spear phishing,” says King.

Join the CSO newsletter!

Error: Please check your email address.

More about AdvancedCSODellGoogleLenovoMicrosoftNearNFCYubico

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John Brandon

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place