Merlin's Computer Usage and Policy Guidelines	Laptop Computer Use Policy
			Feel free to print this page for future reference.
	Laptop computers (portables) are an invaluable tool for people on the move; but there are security risks. A laptop can be readily stolen, along with the information that it contains. An effective company policy can help to minimise these risks.

Many people in business who spend a reasonable amount of time out of the office, or who often work from home, utilise some sort of portable computer. Today's laptop computers enable business people to stay in touch with the office and business associates even when they are out of the office, by utilising e-mail, and various calendar and scheduling tools.

However, if a laptop computer is stolen from a hotel room, or from the airport, or accidentally left somewhere, there loss of the information stored on the laptop can be horrific. If a recent backup of the data is available then it can be restored to another computer. However, if the information is confidential then it could easily fall into the public domain or into the hands of your competitors.

This document aims to help businesses minimise the risks of utilising portable computer equipment. The following guidelines can be finetuned by companies to suit particular preferences or business objectives.

Purpose

The company is mindful that laptop computers can be readily stolen by opportunistic thieves, and that the data stored on the laptop is company information to be guarded against theft and perusal by non-company people. Laptops are also reasonably fragile and must be treated carefully. The purpose of these guidelines is to guard against both theft of the equipment, and theft of the information stored on the equipment.

Suggested Guidelines/Rules

1. A laptop or other portable computer is made available to staff members as a business tool to assist in the day-to-day performance of workplace duties.
2. A laptop computer is allocated to a particular staff member for their use, and is entrusted to their care. The staff member is to take all reasonable care to secure the laptop and all its peripheral equipment, and to guard against theft and damage.
3. When in transit, a laptop computer is to be carried in an appropriate container suitable for its transport. This will generally mean in the carry case provided.
4. When carried in a motor vehicle, the equipment is not to be left in the open view of passers-by.
5. Because laptop computers are considered fragile, it is important whilst travelling that a laptop computer is NOT sent onto an aircraft (or bus, etc.) as luggage. It must be carried on as hand luggage, in the care of the staff member at all times.
6. When setup for use on a desk or other workplace environment, the laptop must be physically secured to prevent theft. An authorised cable-lock device can be used for this purpose.
7. To guard against unauthorised usage of the equipment, a power-on password is to be in place, and always enabled. Such password is not to be written down and stored with the equipment.
8. Modern laptops have hard disk drives that are readily removable. If feasible, a hard drive password is to be enabled (to prevent installing the hard drive into another laptop to access its contents).
9. Wherever feasible, additional passwords are to be used (eg. MS Windows start up) to deter against unauthorised usage.
10. A screen saver password is to be enabled to guard against casual unauthorised usage or access by passers-by.
11. Staff members are to keep all passwords secret, and not divulge them to anyone.

© Copyright 1999-2003, Colonial Pioneer Publishing (ABN: 52 791 744 975).
http://www.hotkey.net.au/~brain
Last revised: 20 May, 2003.