Date Added: Aug 2007
Given the realities of an increasingly mobile workforce and the growing regulatory obligations of organizations, IT security professionals need to craft, communicate, and enforce more specific laptop security policies to prevent company and customer data from being compromised. Laptop policies either don't exist, and if they do, they're not enforced. The lines of responsibility are often blurred between IT and Facilities/Security departments and conflict with effectively implementing existing policies. The weak link in the security chain, the end user, is left ill-trained to protect the vulnerable mobile computer. End users need more specific rules and training, IT staff should implement automated and non-automated enforcement practices, and management should lead by example, provide clear direction and highlight good behavior.