Avoid losses due to security risks:
make employees, vendors and contrac- tors sign confidentiality statements.
back up laptops on a regular basis.
establish policies and procedures for the use of and downloading of information onto laptops.
prohibit users from scripting their user IDs and passwords on desktops used for intranet access.
prohibit scripting of user IDs and pass- words on laptops to be used for remote access.
prohibit Internet access for anything other than business purposes.
make boot-level passwords mandatory for all users.
classify all data as to importance and enforce relevant access restrictions.
lock up or otherwise secure all laptops, desktops and peripherals after business hours.
require users to use file-level passwords on files containing sensitive or confiden- tial information.