Forget the notion that laptops are getting cheaper.

The U.S. Department of Veterans Affairs has a laptop and external hard drive, recently recovered by the folks at the FBI, which will cost them and us at least $160 million.

It all started May 3 when a laptop computer and external hard drive were stolen from a residence in Aspen Hills, Maryland. The gear contained birthdates, Social Security Numbers and other personal information on veterans and some military personnel. The bigwigs at VA didn’t know about the loss until May 16, or so they have claimed. Originally, it was thought that 26.5 million veterans were at risk. In late June, the laptop and external drive were recovered, thanks to a $50,000 reward. VA and FBI officials now believe lass than 18 million people’s records were at risk.

In the meantime, however, VA promised to pay for one year’s worth or credit monitoring for all potential people impacted – at a cost of $160 million.

Many incidents

The incident is just one of many involving corporate and government laptop computers gone missing, stolen or compromised.

More corporations are purchasing laptops for their executives and office workers, who have network porting at work but taken the computers home at night. And there’s the concern of vulnerabilities.

Here are seven tips to better secure laptops and their data.

Security leaks are not only caused by data transfer, but by the mobile device itself.

Tip 1: More discipline when on the move.

The only protection against being careless is more care and discipline – but that is difficult when you are under time pressure. A survey conducted by Utimaco Safeware AG with the Lost and Found offices at the ten largest airports revealed airline passengers lost more than 5,000 mobile devices. Particularly at airports with a large number of short-distance routes primarily used by business travelers, several dozen mobile devices are turned in daily, as many as a hundred on heavily traveled days.

Tip 2: Making passwords more difficult to crack.

If the worst happens, and your computer is stolen or lost, there is still hope that your personal data is not all accessible, if the password is difficult enough to crack. A mixture of characters, numbers and letters is considered the most secure – but only if passwords and keys are not stored on the hard disk. For this reason, it is better that the computer prompts for a password before booting– electronic security solutions enable this. This gives an unauthorized user no chance to access the operating system or saved data in any way.

Tip 3: Use hardware to supplement password protection.

Analysts working for the Meta Group have confirmed what IT managers already know: Passwords alone do not provide optimum protection for data. The supplements have been available and in use for years. Special smart cards or tokens, which look just like a USB stick, store key information that is used in combination with a user password to unlock the computer. Only someone who possesses the token and knows the password can access the system and the data saved on it. Alternatively, the user’s biometric data can be stored on a smart card. For authentication, the user’s fingerprint is checked directly on the card, instead of the password.

Tip 4: Secure hibernation mode.

You can set up the system to prompt for the password again when the notebook switches back from the screen saver, or from hibernation mode to normal working mode. This means your data is still secure if the user takes time to stop for a break or make a phone call while in transit.

Tip 5: Set up an electronic safe.

As a basic principle you should never save valuable information without protecting it electronically: important papers are kept in safes. The electronic pendant is a “virtual” disk drive that securely encrypts and stores all its contents. You can very easily set up an electronic safe of this kind on local hard disks and network directories, on the PDA, and also on mobile devices such as USB sticks and smart cards, CD-ROMs and DVDs to provide secure storage of your electronic data.

Tip 6: Implement automatic encryption.

Data transparent encryption is a big help. It runs automatically in the background, without being noticed, so the user does not even have to think about storing data securely.

Tip 7: Restrict plug and play.

Plug and Play is convenient, but can sometimes be dangerous: if someone connects a USB stick, MP3 player or external hard disk drive to a notebook, it is recognized automatically – and it is then easy to start exporting data and passing it on to the wrong people. The alternative is to lock the computer for all memory media apart from the company’s own memory sticks, which cannot be used to run or read programs. This also removes the danger of accidentally loading a worm or virus on your own hard disk if you lend the data medium to someone, and get it back with “dangerous cargo”. In addition you should only use sensitive data on USB sticks when it is encrypted, as the smaller the memory device, the greater the danger that it will get lost or stolen.