Computerworld

SMB - Technology for rescuing stolen laptops emerges

Perhaps you followed the dramatic headlines in May as the U.S. Department of Veterans Affairs came to grips with the fact that it had lost a laptop (since recovered) with personal information on 26.5 million veterans, exposing them to identity theft.

Since then, you might have overlooked the missing New York state government laptop with 540,000 names. Or the Federal Trade Commission laptops with 110 names. Or the Ernst & Young Global unit with 243,000 names. Or the YMCA laptop with 68,000 names. Or the Equifax laptop with 2,900 names. Or the ING laptop with 13,000 names. Or the IRS laptop with 291 names. Or the Ahold USA laptop with an undisclosed number of names.

And those were just some cases that surfaced in June.

Yet technology is available that would allow "laptop" and "security" to be spoken in the same breath without triggering gales of cynical laughter. Such systems generally depend on either Internet tracking, "kill switches" or encryption -- or, more commonly, a combination of the three.

Laptop tracking

One of the vendors in the field of laptop tracking is Absolute Software. In Abosolute Software's Computrace service, subscribing laptops check with an Internet server once a day. If a machine is reported stolen, the next time it checks the server, it will be told to start checking in every 15 minutes, explained Les Jickling, marketing manager at Absolute Software. Using various databases, its IP address will be matched to a street address. The next knock on that door may be the police, who have come to recover the machine.

Thomas Schuetz, president of MDx Medical Management, a medical management consulting firm, said he signed up for the Computrace service in November 2005 to keep track of the 20 laptops his firm uses. Two months later, one of them, his own, went missing.

"I sent the Computrace people a copy of the police report, but the machine did not start polling the Internet until the end of March, from a location in Florida," Schuetz recalled.

"The recovery team contacted me in early April. They had tracked it on to Yonkers and then to downtown Manhattan, where it settled into one IP address, a person's home. They were able to watch what was being done with the laptop, and asked me if I knew that person. They offered to erase the hard disk remotely, but I would have had to reconstruct certain things, so I said no.

"After it was seized, I went to the precinct headquarters to pick it up, and everything was intact," he added. The person from whom the laptop was recovered now faces charges of possessing stolen property.

"The service would be worth twice what it costs us, and we recommend to our doctor clients that they get this service," he said.

By special arrangement, links to the service are contained in the BIOS chips of Hewlett-Packard, Gateway, Lenovo Group, Dell, and Fujitsu laptops, so that even reinstalling the operating system will not stop the machines from reporting in, Jickling said. Pricing for the full Computrace service starts at US$128.95 per unit for three years. The consumer version of the service is a boxed product called LoJack for Laptops, priced at US$49.99 for one year.

Page Break

Meanwhile, CyberAngel Security Solutions in Nashville depends on a combination of encryption and tracking. The CyberAngel system creates an encrypted partition on the hard drive, and anyone who boots the system but gives the wrong password will be able to use the machine, but will not see the encrypted partition, said CyberAngel spokesman Bradley Lide. While the unsuspecting thief happily uses the machine, in the background, the laptop will start sending out tracking pings.

"We got the CyberAngel service when we first started getting laptops two years ago and have needed it twice," said Jodea Johnson, systems administrator at Douglas County Hospital in Alexandria, Minn. She chose the service because she liked the encryption it offered, plus the fact that a thief would not know it is there. Also, the price seemed right, she recalled. A CyberAngel spokesman said the price is US$59.95 for one year in single quantities, or US$62.60 for a three-year license in the 100-to-500-quantity range.

It took about six weeks before the first missing laptop started transmitting and the police could recover it, while the second one took less than a week, she recalled.

Laptop hijinks

"Kill switches," meanwhile, are the weapons of choice, along with the encryption of Beachhead Solutions. When a machine using Beachhead's Lost Data Destruction service checks the server and sees that it has been stolen, it can commence erasing preselected files, overwriting them multiple times to preclude file recovery, said Jeff Rubin, Beachhead's vice president of marketing. It can also pull other preselected stunts, such as eternally rebooting.

If it can't get online, the machine can go through a checklist, such as noting that it hasn't been booted up in a while, decide whether it has been stolen and launch the same procedures, Rubin added. Single-user pricing is US$129 per year.

"Tracking is a great idea if you are concerned about the hardware, but a US$1,500 laptop is no big deal compared to the damaged reputation that could result from a breach," said Corey Jenrich, IT manager at Community Bank. He uses Beachhead for his bank's 80 machines. He has never had one stolen and so has never used the kill switch. In the meantime, Jenrich uses the automated encryption facilities that the Beachhead software offers.

"We could have just rolled out the Encrypting File System on Windows XP, but we thought it put too much reliance on the end user to put the right files in an encrypted folder, and if the laptop gets into the wild, I can't prove that a given file was encrypted," he said.

With Beachhead, all files with user-specified extensions will be encrypted. Jenrich also said he likes the way the software can delete files and close down the computer even if it never gets online again.

"We're covered," he said. "It would be worth it if it cost four times as much. We like it for the control it gives us over the end-user environment, extending to situations when the machine is not in our physical control," he added.

And being covered is the main reason more and more enterprises are adopting (aside from tracking) some form of encryption, said Eric Maiwald, analyst at Burton Group, a research and advisory firm in Midvale, Utah. More laws, such as California's SB 1386, require notification of victims if a company suffers a breach of unencrypted personal data.

"They want that encryption 'Get out of jail free' card," Maiwald said. "Encryption products have been around since the 1980s but have not seen much adoption outside the government and financial institutions, but now with the notification laws, we are seeing much larger deployments," Maiwald added. He noted that there are dozens of such products, falling into either file encryption or whole-disk encryption categories.

But Maiwald advised against depending on the encryption facilities built directly into some applications, such as Microsoft Word. "There are a lot of programs out there that will break them," he warned.

For more stolen laptop woe tales, go to www.itcinstitute.com and run a search for "laptop."

Lamont Wood is a freelance writer in San Antonio.