Colorado Clinical and Translational Sciences Institute

Five Tips to Protect Your Data

Written by Matthew Latus | September 14, 2021

The pandemic has changed how we work. As a result, you may find yourself ferrying a laptop around more often. With this comes an increased risk it will be stolen, lost or damaged during transit. So, what are some things you can do to protect the sensitive data on your laptop? 
The best way to keep sensitive data secure on your laptop is not to have any; however, we know that isn't always possible. Below are five actions you can take to protect sensitive data on your laptop. 


1. The most critical step for securing your laptop is to configure a login user account and password. If you are using a department-issued laptop, you log in with your university or hospital account. If you are using a personal laptop, you must create a local user account. Ideally, your password is at least 12 characters long mixed with numbers, upper and lowercase letters and symbols. The risk of someone cracking your password significantly decreases when it is 12 characters or longer. 
 
Experts estimate it takes 5 million years to break a 12-character password and only 57 days to crack an eight-character password. Some approaches to creating long, memorable passwords are to use unique song lyrics, quotes or a made-up sentence. In addition, the laptop should have a password-protected screensaver that displays after 15 minutes of inactivity.   
 
2. Bitglass, an information security provider, showed that most protected health data breaches are due to the theft or loss of laptops. The best way to mitigate this risk and avoid privacy violations is to encrypt the files or hard drives. For information on the university's encryption policy, please visit this site. If a device with sensitive data is lost or stolen, immediately contact the IT Services Help Desk at 303-724-4357.
 
3. A stolen, lost or damaged laptop also brings the risk of losing your only copy of data. Regularly back up your data to mitigate this risk. The best practice is to have two backup copies. One copy should be local and the other remote. The local copy allows you to restore any damaged or deleted data quickly. The remote copy of your data can be copy-protected against the worst-case scenarios of a lost, stolen, or damaged laptop. You can use a flash drive or an external hard drive to store the remote copy. Just remember to encrypt it if you are storing sensitive data.

Matthew Latus

4. Another threat to data on your laptop is malicious software like ransomware and viruses. To protect against malware, make sure your programs, browser and operating system are updated monthly. Furthermore, do not indiscriminately download files, software or visit dubious web pages.

5. Lastly, always use a Virtual Private Network (VPN) when away from the university, even when you don't have to. Especially when connecting to public wireless networks. The VPN ensures your browsing is constantly encrypted and private. For more information on VPN use, please visit this OIT webpage.

In summary, avoid putting sensitive data on your laptop if you can, require a password for login, encrypt the hard drive, backup your data, update the software and always use a VPN. If you have any questions, don’t hesitate to contact me at matthew.latus@cuanschutz.edu.