Protect and Secure Data on Your Laptop

Losing a laptop sucks; losing important data and passwords is far worse. Here's what I do to protect my data.

A few weeks ago, my car was broken into while I was eating dinner between work and home. Unfortunately, my computer was in one of the stolen bags (let me know if you see a ThinkPad with a giant squid painted on it!) and chances are it will never be recovered. The laptop was my primary computer and had everything: Years of work, pictures, half-finished musical compositions, stuff for Instructables(!), passwords, and financial data.

Fortunately, I had instituted an agressive program of backups and encrypting my passwords. I didn't lose a single document and am not particularly worried about identity theft from information on the laptop.

There are ton of different ways to do this. So, if my specific solution doesn't work for you, I hope to inspire you to figure out a solution that does.

This is obvious and a great first defense, but it can't be your only defense. Sometimes you just don't realize how deserted and dark that parking lot is going to get until it's too late.

Set you backups to occur regularly and automatically. If you have to remember to start the backup, it won't be a priority and you'll go surprisingly long times between backups.

I use rsync to mirror my files to a remote server. Being able to ssh into the remote server is a good indication that you'll be able to do this. You can also use rsync to mirror files to another computer on your local network by mapping a network drive, which only requires rsync on your laptop. If this isn't going to work for you, check out the web-based services. Here is a link for setting up rsync on a windows machine and setting up ssh keys so you don't have to manually log in (this is not totally secure).

I put all of my documents into a single folder (effectively the My Documents folder) so there's just one folder to backup. Windows scheduled tasks runs the rsync commands from a batch file, mirroring this folder everyday and copying it once a week. Mirroring includes deleting files on the sever I delete on the laptop, while the once a week copy let's me get old files I might have accidentally deleted after the recycle bin has been emptied.

My folder is a couple of gigs, so the initial backup takes a while, but afterwards it's rapid because rsync only sends the changes. I prefer backing up across the net rather than locally to another machine; if the computer is net-connected while at home, work, or travelling, the backup will happen.

Here is my rsync batch file that scheduled tasks runs. Remove the --delete and change the folder on the server side to make a copying rather than a deleting version. If you are syncing to a machine on your local network, map a network drive and replace the "www.server-location.com:backupfolder" with a "/cygdrive/d" statement where "d" is the letter of your mapped drive.

This batch file copies its output to a log file so you can review, if needed.

I use Password Manager XP to store senstive usernames, numbers, and passwords under one master password. The database is encrypted and auto-closes after a certain period of inactivity. It is synced along with my other files.

Althought inconvenient, I don't let my browser or other "helpful" assistants remember passwords to anything remotely sensitive like banking websites or email.

Don't save your passwords in a plain text file. If you manage other people's data, like their social security numbers, be especially considerate and use encryption.

I don't backup the entire hard drive, so when I lost my computer I had to reinstall all my programs from original disks and the web. No data lost, but I did lose some time reinstalling and reconfiguring everything.

I got sloppy and had some data outside of the normally synced folder. Fortunately, I had other copies. Make sure your programs are not by default saving data in their "program files directory"; my copy of Matlab was particularly annoying about this.

My Quicken database has some bank account information and is not encrypted. It is password protected, but apparently, you can pay Intuit to remove a "lost" password. I think they should by default encrypt the entire file making "recovery" impossible. Losing your financial data is not nearly as bad as losing it to someone else.