Oy vey… … if you only knew how many of our customers (law firms and non) think that their “strong” windows password is SECURED and actually protecting them… you’ll be
Computers are stolen and left behind all the time, weather if it’s in a coffee shop, or the cleaning person at the office (a day before their last day at work…), airport and hotel rooms.
Hacker 101: (not YET a CLE class, but I might make it one day…)INTRODUCING (drum roll…)Hirens Boot CD (www.hirensbootcd.org) :
Within about 15 seconds, ANYONE can break into your windows computer, no matter how “strong” your password is.
Read this, so you’ll know how to hack in to ANY windows computer (including your own of course…) within less than 30 seconds:
Here is how it works:
- Download for free the Hirens boot CD from the link above…
- Burn it on a CD or simply copy it on a USB drive (don’t worry- then explain how to do all this on their website)
- Boot up ANY windows computer when the above USB stick is connected.
- Follow the prompts (about 4 clicks… 15 seconds or less…) to tell the program to REMOVE the windows password for any user from the list of users that this computer has…
- Reboot the computer again without this USB stick.
- Log in to any account, without the need to enter a password… (password will be completely GONE and not needed at that point).
Why am in telling you this?
Because it bothers me to see attorneys and other professionals save data of their customers on computers, and simply relying on their useless Windows password to protect that info…
Don’t get me wrong… A strong password is DEFINITELY a MUST when it comes to computers, but that’s to protect you from internet infections, Viruses on the network (on other computers next to you) and a simple way to avoid data theft electronically.. but this is NOT a good solution if it’s the SINGLE solution to your data protection!
So- what IS a good way to protect the data?
You should HIGHLY consider (or in some cases, if you have to follow #HIPAA, #SEC or other #compliance guidelines- it’s a MUST) Drive encryption with Boot Password Protection!
One great program that we have used on many devices (including cell phones, tablets of all kid, and of course computers) is AlertBoot.
AlertBoot allows us to encrypt the hard drive, and require a password in order to access the drive, before Windows even loads up!
It also has many other features, like:
- Remote wipe of device
- monitoring and alerting if someone entered the wrong password several times
- Alert if a user removed this program from a device (or block users from being able to do so…)
- Reporting for compliance / regulations reasons
- and much more…
We have partnered with AlertBoot and offer simple installation and monitoring service, in case you need more info. or simply go to their website…
There are many other free tools that perform the same task… People still think that protecting their PDF or Word/ Excel documents with a password, is secure enough… IT IS NOT ! – you should at least use AxCrypt (we have a post on that program here…)