How to: Keep your laptop from being stolen

How to: Keep your laptop from being stolen

Summary: A laptop is stolen every 53 seconds, and approximately 97 percent are never recovered. Worse, one out of every 10 laptops will be stolen within the first 12 months of purchase. Will you be next?

SHARE:
39

A laptop is stolen every 53 seconds, and approximately 97 percent are never recovered, according to the FBI.

Worse, one out of every 10 laptops will be stolen within the first 12 months of purchase.

Will you be next?

With all of your family photos, tax return files, bank statements and more at risk -- not to mention all those usernames and passwords that you auto-saved -- something must be done.

And if you manage a business or work in a corporate environment, the cost could be even steeper than just replacing hardware: think of the public relations nightmare from the theft and legal requirement to alert employees and clients about the information breach.

According to the Ponemon Institute, the cost to a company can total $197 per missing record when factoring in the loss of customers, legal fees and PR crisis management.

Clearly, a few thousand records can quickly add up.

"The loss of a laptop computer may well be quite expensive if it contains unencrypted confidential data," according to the 2008 CSI Computer Crime and Security Survey. In 2008, 42 percent of all corporate security incidents were because of a stolen laptop, second only to viruses and insider abuse.

[Read the full survey here - PDF]

So what to do? Here are several solutions to address the problem.

Theft Recovery: LoJack

Absolute Software, which bills itself as the leading provider of computer theft recovery, data protection and IT asset management, says their Computrace LoJack for Laptops helps recover 40 to 50 computers each week, or roughly three of four missing computers of the three million machines the company protects. (The company also offers a version for mobile devices such as smartphones.)

How?

The Computrace software embeds an agent in your computer's firmware. When your computer is reported stolen, Computrace sends a silent signal over the Internet to its Absolute Monitoring Center, providing location information, among other information, about your stolen machine. The company then works with local law enforcement to recover the computer.

The stealthy Computrace Agent is one tough cookies, too: it's capable of surviving operating system re-installations, hard drive reformats, replacements and re-imaging.

Computrace offers a subscription of one to four years for the service, which has already led to some interesting success stories, including recovering computers stolen by serial burglars, computer repair stores, and thieves who crossed state lines.

Absolute Computrace Lojack for Laptops starts at $39.99.

Theft Recovery: Retriever

Similarly, Front Door Software's Retriever application displays your contact information as your computer boots up. There's even space for a plea to a Good Samaritan — "$50 for my safe return," if you're the kind of forgetful person who often misplaces his or her laptop in public areas.

But if you think your laptop is in the hands of a less honest person, or has been taken maliciously, you can log on to Front Door's Website and notify the company that your computer is missing.

During start-up, a big yellow and red banner appears on your pilfered laptop's screen, boldly declaring the laptop lost or stolen. The message reappears every 30 seconds, no matter how many times the thief closes the window.

The program also offers the option of using an audible message when the "stolen" screen displays, such as "Help, this laptop is reported lost or stolen. If you are not my owner, please report me now," or one of your own design.

Even better, you can remotely switch on a second password prompt if you fear the thief has also stolen your regular Windows, Macintosh or Linux login info.

How does Retriever do it? The program uses built-in Wi-Fi to sniff out nearby networks, then suss out which ISPs power them. With that information, you can file a police report and provide a lead for locating the criminal.

Best yet, if you're feeling truly malicious yourself, you can send and add messages to the nagging "Stolen Computer!" screen: "We're on your tail. We're coming," or perhaps something a bit more, well, explicit. Or alter your contact information to read "FBI" or "Catholic Church," hopefully inducing a bit of guilt.

Retriever costs $29.95 for three years of use. It's also available for a 90-day free trial.

Theft Prevention

But what if you're not into paying for a service to safeguard your laptop? Here are some practical tips to safeguard your computer:

  • Use cable locks on laptops as visual deterrents. They're largely ineffective to a motivated thief, but they are worth inducing a would-be thief's second thought.
  • That said, don't leave your unsecured laptop unattended or in plain sight. Even if you have your laptop on your person, choose a bag that doesn't scream, "laptop bag!"
  • Back-up your data on a schedule. Just do it. (Note: Backing up to the cloud is a security blessing and a curse. Tread carefully.)
  • Keep your antivirus and firewall software patched and in order. It might just buy you some time in preventing your identity from being harvested from a stolen laptop.
  • Create a contingency plan. How would your family, customers, or fellow employees be affected if something goes wrong?
  • Understand the greater security risks as you open up your corporate network to mobile employees.
  • Be proactive -- there's always another hole to plug. Data security is a moving target.

Buying a Legit Computer

Here are four tips to ensure that the computer you buy isn't stolen:

  • If it's too good to be true, it probably is. Really.
  • A typical sign that a computer is stolen is that it's missing the power cord. Keep that in mind when you shop.
  • Use common sense. Ask the seller why they're selling the computer and where they bought it. If the seller seems nervous or in a rush, your gut should be telling you something's amiss.
  • If you haven't purchased anything yet, make sure that if and when you do, you use credit or check so that your payment can be traced.

And finally, if you suspect that you may have bought a stolen laptop:

  • Get the serial number and check with local law enforcement to confirm it is not stolen.

Got any more tips? Leave 'em in TalkBack.

Topics: Laptops, CXO, Hardware, Mobility

Andrew Nusca

About Andrew Nusca

Andrew Nusca is a former writer-editor for ZDNet and contributor to CNET. During his tenure, he was the editor of SmartPlanet, ZDNet's sister site about innovation.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

39 comments
Log in or register to join the discussion
  • Also........

    I use whole disk encryption on all of our office laptops and my personal one.
    MLHACK
  • Love the press releases

    ...Seriously, this reads exactly like the back of the Lojack for Laptops box...and it DOESN'T survive a drive reformat. I know 'cuz I've had to reinstall it every time when I did have the service.

    Joey
    voyager529
    • Actually, there are now Bios versions of LoJack

      There are many laptop models from Toshiba and
      HP that have this built into the BIOS itself.
      Go to the web site and check out the models.
      These will work even if you reformat or
      reinstall a different OS such as Linux. The
      only thing needed is that the laptop should
      connect to the internet.
      GoForTheBest
      • Notes to the Thief??!! Get Your Manhood Enlarged.

        If you think the police are going to spend even 30 seconds trying to triangulate a cell phone signal, even for a $3000 Think Pad (which is by then worth $300) you've been watching waaaaaaaaaayyyyyy too much TV!! And if your ego needs to send pompous messages to the thief, you really need to buy a Hummer, or get your manhood enlarged, or spend the afternoon at Hooters, or something. Really.

        And who cares? The real value is in the data. Hell, the day you spend evaluating/shopping, buying new, and reinstalling is worth more than a $499 notebook.

        Lojack type schemes are useless and not worth the money. Even a BIOS chip can be easily replaced. Plus the thief doesn't check your preventative measures before he rips and runs. He just Rips and Runs!!

        The only thing you can do is treat your machine like your wallet. Don't leave it unattended.

        Beyond that you have to write off the machine.

        Data is another story. First, (assuming you have sensitive, irreplaceable data) guard against liability for losing client data. Your disks should be encrypted by a dedicated pass phrase protection scheme like PGP or TrueCrypt. Don't rely on an OS encryption which can be circumvented. Use an encryption which can only be accessed with the proper pass phrase.

        Second, daily backups. You must. And if you use an automated, networked system like bacula, there should be no pain. Most of my daily incrementals take under 2 minutes.

        If you do this, the thief gets your machine and nothing else. And if the data in your machine isn't worth waaaayyyy more than the machine, you probably are carrying the machine around for the same reason most guys drive Hummers, or go to Hooters. Can you say, "Short end of the stick?"

        <a href="http://www.westernnewsco.com">Western News Co (Chicago)</a>
        Seamus O'Brog
        • Wow I am impressed

          Well you can read this or you can just buy UnderCover for your Mac. OF
          passwords prevent someone from starting under a new disk or CD so
          that the only way to access your data is to dissemble the laptop. Turn on
          file vault and even that does not work.

          This comment "If you think the police are going to spend even 30
          seconds trying to triangulate a cell phone signal" shows a fundamental
          misunderstand of how this works as the police are not required to do this
          to recover your laptop. I know. I got one of mine back.
          OracleOfReason
    • voyager, how many times have...

      you lost or had your laptop stolen? If more than once, I would suggest moving out of the hood.
      sykandtyed
  • RE: How to: Keep your laptop from being stolen

    What happens if the BIOS is updated? How does it protect against that piece?
    SysAdminII
  • RE: How to: Keep your laptop from being stolen

    I haven't tried it but exists a free application called Adeona (University of Washington):

    http://adeona.cs.washington.edu/

    Adeona is the first Open Source system for tracking the location of your lost or stolen laptop.
    pepgrifell@...
  • RE: How to: Keep your laptop from being stolen

    Thank you. A very informative article.
    rcbarr83@...
  • RE: How to: Keep your laptop from being stolen

    My version of protection involves molding C4 in the case and a finger print reader.

    See right here I open my laptop, swipe my finger,
    Um oh crap I got cheetos crumbs on the reader, nothing a little windex wont cure, um oops, umm... OH sh... *Connection Lost*

    Cerebral*Origami
    • See, Here's a Guy that GOT His Manhood Enlarged! (NoTxt)

      (NoTxt)
      Seamus O'Brog
  • RE: How to: Keep your laptop from being stolen

    well, this is what i have done on my lappy:

    i locked my bios so that they would have to actually
    know my password to get in. i also encrypt the data
    that i consider to be sensitive with high quality
    encryption(and a huge passkey of completely random
    numbers symbols and letters that is 56 characters long). to get past the bios boot password you would
    need to disassemble and remove the bios battery. by
    then you might as well just remove the drive. but even
    then the data is encrypted, making it pointless.
    crabbypup
    • bios and labtops

      there is software for cracking thoses 2 incryptions so thats no problem. removing the disk/harddrive will not help to access your labtops hard drive, but replacing it to f.eg a esata or a externt mobile harddrive box, then all your data can easily be accessed...lol...no problem. The bios battery is also an option, but there are many many ways to access your labtop. I'm a computer forensics consultant from Denmark.
      peterpoulsen
  • Why keep sencitive informations...

    First thing to do after you buy a laptop: ENGRAVE it with some personal marking. Like a number and the address of the local police station, or a nearby church, or the closest Salvation Army local... Thives don't like engraved items, they are hard to resel.

    Whenever you go out with a portable device, why load it with all of your records?
    Common cense should dictate to only load whatever data you REALY, absolutely, need. If any of those data is private or restricted, then it absolutely must be encripted.

    Then, why keep all of the data when you have network connectivity? Just keep encrypted data keys and partial records on the laptop, and access the rest, also encrypted, as needed over the net. When a record is closed, it's purged from memory. Also, you must purge those data before closing, or going to suspend or in hybernation. It can be automated so that you can't forget.

    Why stop there? Pack the censitive parts with dummy data as place olders. Phony SAN numbers in place of the real ones, unexistant addresses in the address fields,... All with a low grade encryption, compressed, interweaved with some random data, then encrypted with a strong encrypter with a strong key.

    That way, if the laptop is lost or stolen, the thief will only have encrypted partial data missing the censitive parts.

    This won't prevent the theft, but can make it a LOT less critical. It will also reduce the atractiveness of a stolen laptop, as it will greatly reduce the potential gain.

    Kualinar
    • Yes, Yes! Engrave Your Initials....

      Yes, Yes! Engrave Your Initials....on the top cover.

      It ain't pretty, it will likely void your warranty but thieves hate that stuff.

      That guy is another Manly Man!! (Or Womanly Woman!!)

      <a href="http://www.westernnewsco.com">Western News Co (Chicago)</a>
      Seamus O'Brog
  • Two free alternatives

    There are two free apps that offer this kind of service: The Laptop Lock from www.thelaptoplock.com and Zecop from www.turbulencesoft.com
    You create a free account on their site and input your pc details. If the pc is stolen, you announce that on the site, and receive the ip from which the thief accesses the internet.Not as good as the ones mentioned in the article, but better than nothing. And the price is unbeatable...
    petremure
    • Make that THREE free alternatives

      There is also the Adeona client...
      http://adeona.cs.washington.edu/xpinstallguide.html

      -kevin wall
      kevin.wall@...
      • Thanks!

        Thanks, Kevin, for contributing some free alternatives I didn't know about.
        andrew.nusca
    • Yes, Yes!! Free. Free is Good. Another Manly Man!! (NoTxt)

      (NoTxt)
      Seamus O'Brog
      • You get what you pay for!

        there is no free lunch... Milton Friedman US economist
        nrkmann@...