Don't Steal That Laptop
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Y! MyWeb
Share:
Sponsors:
Elizabeth Millard, newsfactor.com
Multilayered user authentication with password protection and biometric controls can protect data, but what happens if a thief simply grabs a laptop from a train seat or an unlocked car?
While I.T. administrators focus the majority of their efforts on locking down systems and networks, they could be leaving a back window unlatched if there is no plan for what happens if a laptop or mobile device is stolen.
To combat the challenges of laptops that go missing, several software vendors have created LoJack-style tracking technology that can trace laptops through Internet Protocol (IP) addresses.
If a thief steals a device and never gets on the Internet with it, then a company can kiss that technology goodbye, even if it is equipped with the new technology.
But the majority of stolen laptops and devices are resold or used to tap in to networks, making tracer technology a potentially valuable addition to any security plan.Installing the Lock
The way tracer technology works is by identifying a computer's serial number and recording which IP address is being used, whenever the computer is connected to a network. The information is sent to a tracing company like IntelliTrack, Absolute Software or Stealth Signal -- or directly to a company's I.T. department.
When a laptop is reported as stolen, the software identifies where it is according to its IP address. Locating it quickly usually is not a problem because the vendor checks on IP status frequently and correlates that information to a location database.
"We basically assume that any second the computer will get stolen," said Victoria Correa, spokesperson for Stealth Signal. "If it actually does, we have updated information."
In addition to implementing tracking technology, a security plan should not be considered complete without informing employees about what has been installed on their laptops and why.
"Between 60 to 80 percent of laptop theft is done by employees or contract workers, we've found," said Correa. "We've seen that even telling employees that there's tracking technology in place will make the loss rate drop, sometimes dramatically."
Some companies that suspect rampant equipment embezzlement have turned to tracer technology to prove their case, she noted. "With this software, it's about more than just getting a single laptop back, or knowing where a PDA is," said Correa. "It's also about finding out who's loyal and who isn't."
Tricky Issue
Despite its potential usefulness, there is one potential glitch in the system when it comes to tracer technology, and that is being able to recover the stolen device or laptop.
In many cases, companies would probably prefer to have their employees as the culprits, given the difficulty of actually tracking down thieves that might use shady Internet service providers (ISPs), said Doug Fowler, spokesperson for SpectorSoft, a developer of Internet monitoring and surveillance products.
"Sometimes the only way to find a laptop is to get cooperation from the ISP, and that can be tricky," he said. "ISPs typically aren't going to easily give up that information without a subpoena."
But if an ISP is reluctant to cooperate, there will be other clues to the laptop's location, especially if the company has installed a keylogger program. SpectorSoft's software records other information, such as what e-mail account the laptop is using to send mail, so sometimes recovery is as easy as sending a note.
"We've seen people just send an e-mail saying, 'I know you have my computer, and I know where you are, so please return it,'" noted Fowler. "And they do."
The largest caveat for companies pinning their hopes on tracer technology is that if a thief reformats the hard drive, the tracer software will be wiped out along with everything else, said Fowler. Fortunately, that is rarely the case. "Usually, they steal a laptop and then try to sell it quickly, and reformatting takes too much time and effort," he said. "That's good news for tracking it down."
Safe and Sound
In addition to employing technology that can find a laptop if it is missing or stolen, data on these machines should be encrypted in a way that makes it inaccessible to thieves. Tactics include implementing BIOS-level encryption technology or implementing a biometric device, like a fingerprint reader, to gain access to the system.
"The important thing to remember with laptops and data security is that it's better to have multiple layers of protection rather than relying on just one type of technology," said Joseph Kim, associate director of consulting at The Biometric Group.
"Implementing something like a fingerprint reader is more effective if there are additional controls that lock down various parts of a system," he added.
By integrating additional protections, such as access control and user authentication, tracer technology can feel like an insurance plan to companies rather than as a way to try and protect data that might be made vulnerable.
"Many companies see tracing as way to monitor employees and reduce theft risk," said Correa. "But the data on the laptops should always be locked down enough that if the laptop can't be recovered, it wouldn't be a serious concern for the company."
Article submitted by: Some1
Last Update: 10-14-2005
Category: Off Topic Info
Multilayered user authentication with password protection and biometric controls can protect data, but what happens if a thief simply grabs a laptop from a train seat or an unlocked car?
While I.T. administrators focus the majority of their efforts on locking down systems and networks, they could be leaving a back window unlatched if there is no plan for what happens if a laptop or mobile device is stolen.
To combat the challenges of laptops that go missing, several software vendors have created LoJack-style tracking technology that can trace laptops through Internet Protocol (IP) addresses.
If a thief steals a device and never gets on the Internet with it, then a company can kiss that technology goodbye, even if it is equipped with the new technology.
But the majority of stolen laptops and devices are resold or used to tap in to networks, making tracer technology a potentially valuable addition to any security plan.Installing the Lock
The way tracer technology works is by identifying a computer's serial number and recording which IP address is being used, whenever the computer is connected to a network. The information is sent to a tracing company like IntelliTrack, Absolute Software or Stealth Signal -- or directly to a company's I.T. department.
When a laptop is reported as stolen, the software identifies where it is according to its IP address. Locating it quickly usually is not a problem because the vendor checks on IP status frequently and correlates that information to a location database.
"We basically assume that any second the computer will get stolen," said Victoria Correa, spokesperson for Stealth Signal. "If it actually does, we have updated information."
In addition to implementing tracking technology, a security plan should not be considered complete without informing employees about what has been installed on their laptops and why.
"Between 60 to 80 percent of laptop theft is done by employees or contract workers, we've found," said Correa. "We've seen that even telling employees that there's tracking technology in place will make the loss rate drop, sometimes dramatically."
Some companies that suspect rampant equipment embezzlement have turned to tracer technology to prove their case, she noted. "With this software, it's about more than just getting a single laptop back, or knowing where a PDA is," said Correa. "It's also about finding out who's loyal and who isn't."
Tricky Issue
Despite its potential usefulness, there is one potential glitch in the system when it comes to tracer technology, and that is being able to recover the stolen device or laptop.
In many cases, companies would probably prefer to have their employees as the culprits, given the difficulty of actually tracking down thieves that might use shady Internet service providers (ISPs), said Doug Fowler, spokesperson for SpectorSoft, a developer of Internet monitoring and surveillance products.
"Sometimes the only way to find a laptop is to get cooperation from the ISP, and that can be tricky," he said. "ISPs typically aren't going to easily give up that information without a subpoena."
But if an ISP is reluctant to cooperate, there will be other clues to the laptop's location, especially if the company has installed a keylogger program. SpectorSoft's software records other information, such as what e-mail account the laptop is using to send mail, so sometimes recovery is as easy as sending a note.
"We've seen people just send an e-mail saying, 'I know you have my computer, and I know where you are, so please return it,'" noted Fowler. "And they do."
The largest caveat for companies pinning their hopes on tracer technology is that if a thief reformats the hard drive, the tracer software will be wiped out along with everything else, said Fowler. Fortunately, that is rarely the case. "Usually, they steal a laptop and then try to sell it quickly, and reformatting takes too much time and effort," he said. "That's good news for tracking it down."
Safe and Sound
In addition to employing technology that can find a laptop if it is missing or stolen, data on these machines should be encrypted in a way that makes it inaccessible to thieves. Tactics include implementing BIOS-level encryption technology or implementing a biometric device, like a fingerprint reader, to gain access to the system.
"The important thing to remember with laptops and data security is that it's better to have multiple layers of protection rather than relying on just one type of technology," said Joseph Kim, associate director of consulting at The Biometric Group.
"Implementing something like a fingerprint reader is more effective if there are additional controls that lock down various parts of a system," he added.
By integrating additional protections, such as access control and user authentication, tracer technology can feel like an insurance plan to companies rather than as a way to try and protect data that might be made vulnerable.
"Many companies see tracing as way to monitor employees and reduce theft risk," said Correa. "But the data on the laptops should always be locked down enough that if the laptop can't be recovered, it wouldn't be a serious concern for the company."
Article submitted by: Some1
Last Update: 10-14-2005
Category: Off Topic Info
Current rating: 5.46 by 41 users
Would you recommend this article to a friend? |
Not a Chance | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Absolutely |
Related News Stories
(15,184 reads) 03-29-2007
· Adobe Photoshop CS3 published(13,178 reads) 08-03-2006
· FBI calls for hacker help.(15,003 reads) 07-20-2006
· Become a Friend of Firefox.(12,764 reads) 07-15-2006
· Recently unearthed e-mail reveals what life was like in 1995(14,597 reads) 02-23-2006
· Inside Windows Vista ( Build 5308) + slide show(13,301 reads) 02-21-2006
· do-you-have-a.COM ? thinking-to-buy-a.COM ?(13,472 reads) 01-17-2006
· Websites judged in milliseconds(14,066 reads) 01-17-2006
· Stolen Corvette found after 37 years (Reuters)(13,672 reads) 01-17-2006
· Two patients in surgical slip-up (Reuters)(13,065 reads) 01-17-2006
· Goose Poop a Problem for Oakland Parkgoers (AP)
Please register or sign-in to post comments.