How to: Keep your laptop from being stolen
Summary: A laptop is stolen every 53 seconds, and approximately 97 percent are never recovered. Worse, one out of every 10 laptops will be stolen within the first 12 months of purchase. Will you be next?
A laptop is stolen every 53 seconds, and approximately 97 percent are never recovered, according to the FBI.
Worse, one out of every 10 laptops will be stolen within the first 12 months of purchase.
Will you be next?
With all of your family photos, tax return files, bank statements and more at risk -- not to mention all those usernames and passwords that you auto-saved -- something must be done.
And if you manage a business or work in a corporate environment, the cost could be even steeper than just replacing hardware: think of the public relations nightmare from the theft and legal requirement to alert employees and clients about the information breach.
According to the Ponemon Institute, the cost to a company can total $197 per missing record when factoring in the loss of customers, legal fees and PR crisis management.
Clearly, a few thousand records can quickly add up.
"The loss of a laptop computer may well be quite expensive if it contains unencrypted confidential data," according to the 2008 CSI Computer Crime and Security Survey. In 2008, 42 percent of all corporate security incidents were because of a stolen laptop, second only to viruses and insider abuse.
[Read the full survey here - PDF]
So what to do? Here are several solutions to address the problem.
Theft Recovery: LoJack
Absolute Software, which bills itself as the leading provider of computer theft recovery, data protection and IT asset management, says their Computrace LoJack for Laptops helps recover 40 to 50 computers each week, or roughly three of four missing computers of the three million machines the company protects. (The company also offers a version for mobile devices such as smartphones.)
How?
The Computrace software embeds an agent in your computer's firmware. When your computer is reported stolen, Computrace sends a silent signal over the Internet to its Absolute Monitoring Center, providing location information, among other information, about your stolen machine. The company then works with local law enforcement to recover the computer.
The stealthy Computrace Agent is one tough cookies, too: it's capable of surviving operating system re-installations, hard drive reformats, replacements and re-imaging.
Computrace offers a subscription of one to four years for the service, which has already led to some interesting success stories, including recovering computers stolen by serial burglars, computer repair stores, and thieves who crossed state lines.
Absolute Computrace Lojack for Laptops starts at $39.99.
Theft Recovery: Retriever
Similarly, Front Door Software's Retriever application displays your contact information as your computer boots up. There's even space for a plea to a Good Samaritan — "$50 for my safe return," if you're the kind of forgetful person who often misplaces his or her laptop in public areas.
But if you think your laptop is in the hands of a less honest person, or has been taken maliciously, you can log on to Front Door's Website and notify the company that your computer is missing.
During start-up, a big yellow and red banner appears on your pilfered laptop's screen, boldly declaring the laptop lost or stolen. The message reappears every 30 seconds, no matter how many times the thief closes the window.
The program also offers the option of using an audible message when the "stolen" screen displays, such as "Help, this laptop is reported lost or stolen. If you are not my owner, please report me now," or one of your own design.
Even better, you can remotely switch on a second password prompt if you fear the thief has also stolen your regular Windows, Macintosh or Linux login info.
How does Retriever do it? The program uses built-in Wi-Fi to sniff out nearby networks, then suss out which ISPs power them. With that information, you can file a police report and provide a lead for locating the criminal.
Best yet, if you're feeling truly malicious yourself, you can send and add messages to the nagging "Stolen Computer!" screen: "We're on your tail. We're coming," or perhaps something a bit more, well, explicit. Or alter your contact information to read "FBI" or "Catholic Church," hopefully inducing a bit of guilt.
Retriever costs $29.95 for three years of use. It's also available for a 90-day free trial.
Theft Prevention
But what if you're not into paying for a service to safeguard your laptop? Here are some practical tips to safeguard your computer:
- Use cable locks on laptops as visual deterrents. They're largely ineffective to a motivated thief, but they are worth inducing a would-be thief's second thought.
- That said, don't leave your unsecured laptop unattended or in plain sight. Even if you have your laptop on your person, choose a bag that doesn't scream, "laptop bag!"
- Back-up your data on a schedule. Just do it. (Note: Backing up to the cloud is a security blessing and a curse. Tread carefully.)
- Keep your antivirus and firewall software patched and in order. It might just buy you some time in preventing your identity from being harvested from a stolen laptop.
- Create a contingency plan. How would your family, customers, or fellow employees be affected if something goes wrong?
- Understand the greater security risks as you open up your corporate network to mobile employees.
- Be proactive -- there's always another hole to plug. Data security is a moving target.
Buying a Legit Computer
Here are four tips to ensure that the computer you buy isn't stolen:
- If it's too good to be true, it probably is. Really.
- A typical sign that a computer is stolen is that it's missing the power cord. Keep that in mind when you shop.
- Use common sense. Ask the seller why they're selling the computer and where they bought it. If the seller seems nervous or in a rush, your gut should be telling you something's amiss.
- If you haven't purchased anything yet, make sure that if and when you do, you use credit or check so that your payment can be traced.
And finally, if you suspect that you may have bought a stolen laptop:
- Get the serial number and check with local law enforcement to confirm it is not stolen.
Got any more tips? Leave 'em in TalkBack.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Also........
Love the press releases
Joey
Actually, there are now Bios versions of LoJack
HP that have this built into the BIOS itself.
Go to the web site and check out the models.
These will work even if you reformat or
reinstall a different OS such as Linux. The
only thing needed is that the laptop should
connect to the internet.
Notes to the Thief??!! Get Your Manhood Enlarged.
And who cares? The real value is in the data. Hell, the day you spend evaluating/shopping, buying new, and reinstalling is worth more than a $499 notebook.
Lojack type schemes are useless and not worth the money. Even a BIOS chip can be easily replaced. Plus the thief doesn't check your preventative measures before he rips and runs. He just Rips and Runs!!
The only thing you can do is treat your machine like your wallet. Don't leave it unattended.
Beyond that you have to write off the machine.
Data is another story. First, (assuming you have sensitive, irreplaceable data) guard against liability for losing client data. Your disks should be encrypted by a dedicated pass phrase protection scheme like PGP or TrueCrypt. Don't rely on an OS encryption which can be circumvented. Use an encryption which can only be accessed with the proper pass phrase.
Second, daily backups. You must. And if you use an automated, networked system like bacula, there should be no pain. Most of my daily incrementals take under 2 minutes.
If you do this, the thief gets your machine and nothing else. And if the data in your machine isn't worth waaaayyyy more than the machine, you probably are carrying the machine around for the same reason most guys drive Hummers, or go to Hooters. Can you say, "Short end of the stick?"
<a href="http://www.westernnewsco.com">Western News Co (Chicago)</a>
Wow I am impressed
passwords prevent someone from starting under a new disk or CD so
that the only way to access your data is to dissemble the laptop. Turn on
file vault and even that does not work.
This comment "If you think the police are going to spend even 30
seconds trying to triangulate a cell phone signal" shows a fundamental
misunderstand of how this works as the police are not required to do this
to recover your laptop. I know. I got one of mine back.
voyager, how many times have...
RE: How to: Keep your laptop from being stolen
RE: How to: Keep your laptop from being stolen
http://adeona.cs.washington.edu/
Adeona is the first Open Source system for tracking the location of your lost or stolen laptop.
RE: How to: Keep your laptop from being stolen
RE: How to: Keep your laptop from being stolen
See right here I open my laptop, swipe my finger,
Um oh crap I got cheetos crumbs on the reader, nothing a little windex wont cure, um oops, umm... OH sh... *Connection Lost*
See, Here's a Guy that GOT His Manhood Enlarged! (NoTxt)
RE: How to: Keep your laptop from being stolen
i locked my bios so that they would have to actually
know my password to get in. i also encrypt the data
that i consider to be sensitive with high quality
encryption(and a huge passkey of completely random
numbers symbols and letters that is 56 characters long). to get past the bios boot password you would
need to disassemble and remove the bios battery. by
then you might as well just remove the drive. but even
then the data is encrypted, making it pointless.
bios and labtops
Why keep sencitive informations...
Whenever you go out with a portable device, why load it with all of your records?
Common cense should dictate to only load whatever data you REALY, absolutely, need. If any of those data is private or restricted, then it absolutely must be encripted.
Then, why keep all of the data when you have network connectivity? Just keep encrypted data keys and partial records on the laptop, and access the rest, also encrypted, as needed over the net. When a record is closed, it's purged from memory. Also, you must purge those data before closing, or going to suspend or in hybernation. It can be automated so that you can't forget.
Why stop there? Pack the censitive parts with dummy data as place olders. Phony SAN numbers in place of the real ones, unexistant addresses in the address fields,... All with a low grade encryption, compressed, interweaved with some random data, then encrypted with a strong encrypter with a strong key.
That way, if the laptop is lost or stolen, the thief will only have encrypted partial data missing the censitive parts.
This won't prevent the theft, but can make it a LOT less critical. It will also reduce the atractiveness of a stolen laptop, as it will greatly reduce the potential gain.
Yes, Yes! Engrave Your Initials....
It ain't pretty, it will likely void your warranty but thieves hate that stuff.
That guy is another Manly Man!! (Or Womanly Woman!!)
<a href="http://www.westernnewsco.com">Western News Co (Chicago)</a>
Two free alternatives
You create a free account on their site and input your pc details. If the pc is stolen, you announce that on the site, and receive the ip from which the thief accesses the internet.Not as good as the ones mentioned in the article, but better than nothing. And the price is unbeatable...
Make that THREE free alternatives
http://adeona.cs.washington.edu/xpinstallguide.html
-kevin wall
Thanks!
Yes, Yes!! Free. Free is Good. Another Manly Man!! (NoTxt)
You get what you pay for!