What to Do When a Laptop is Stolen???

I had my  laptop  stolen  once,  about  fve  years  ago, from the trunk of a locked car parked at a shopping mall. You never forget that experience of being violated, of being stupid.  (And  it seems  to be getting more common, according to a story in the LA Times about thieves who follow customers home from Apple Stores.)

So  what  can  users  do  to  be more  proactive,  given  the number of laptops that go missing every month? One way is  to use one of a growing number of  recovery  software tools that automatically “phone home”  (in  the  Internet  sense of  the word) and help you and the authorities,  should  they be interested,  in  trying  to  track it  down.  Think  of  what  LoJack does for  locating cars, with the added  information  that  having an  Internet connection can bring  (indeed,  the  company  is one that offers a laptop tool).

While it sounds like a great idea, there are several issues with using these tools.

First,  most  of  them  are  designed  for  individuals,  not  corporations.  Absolute  Software’s Computrace  has  an  enterprise  version  called  Complete in their LoJack for Laptops line, which has tools that offer more asset tracking and remote hard disk destruction that aren’t found in an individual product. zTrace Technologies’ zTrace Gold, MyLaptopGPS for Windows, and Brigadoon’s PC/Mac PhoneHome products all offer quantity pricing for business customers, but not much else in terms of added features over their individual versions.

A second alternative  is  to  look at central monitoring and image  automation  tools,  such  as  Symantec’s  Altiris  and Kaseya that can be used in a stolen laptop situation. Greg Hemig,  a  Sacramento  Kaesya  VAR,  did  exactly  that  and was able to recover two  independently stolen  laptops by using the remote control features.

“I was able to fnd out not just an IP address, which is what a typical anti-theft product like LoJack would provide, but an actual physical address,  the names  of  the  user’s  girlfriend and  family, how  to access  their bank  accounts,  and  even  turn on  the microphone on  the  laptop and listen to what they were saying while they were typing,” says  Hemig.  Scary  stuff,  but within two weeks of contacting law  enforcement,  he  was  able to  get  back  both machines  to their original owners.

Third,  the  versions  that  are  offered  differ  as  to  features  between Mac and Windows, with the Mac (if it is supported at all) usually being a poor cousin. If you have a mixed network, this  could  be  a  determining  factor  as  to  which  product you end up deploying. Taking Computrace as an example again, the Mac version doesn’t include the special embedded BIOS agent that comes with their Windows product.

Phoenix Technologies offers something similar for its OEM BIOS  customers  called  FailSafe,  but  not  for  the  general public.  And GadgetTrak  has  software  for  both Mac  and Windows, but prices them differently.

Next,  these  tools are  just part of an overall  laptop  security solution  that should also  include disk encryption and password-protecting the boot drive. If these tools live on the hard disk and if you haven’t enabled a frmware or disk password, any intelligent thief can just reformat your hard drive and remove this protection, or just remove the hard drive itself. So it makes sense to start by putting password protection on all of your machines as frst line of defense. Disk encryption is especially important if you need to protect confdential corporate or business data, not to mention  personal  data,  such  as  bank  account  passwords  as well.

That brings me to my last point: Do you really need a vendor-operated  central monitoring  station,  or  can  you  set up your own central place where alerts can be sent? GadgetTrak, Oribicule’s Undercover for Macs and iPhones, Prey (for Mac, Windows, and Linux), and PC/Mac PhoneHome are  all  tools  that don’t make use of  any  central monitoring station. Instead, the software sends info to your e-mail (and for GagetTrak, to Flickr) accounts directly. With some of  these products, upon booting  they  look  for  the presence or absence of a special URL that indicates the laptop has been stolen. If so, they send information, such as the current  IP  address,  a  snapshot  from  a Webcam,  screen-

shots, and other details to your e-mail address.

One user of Undercover had his  laptop stolen about two years ago, also  from his  car.  (Have  you  realized never  to leave a  laptop  in a vehicle now?) “Within a  few days, we had screenshots and camera images of the thief and working  with  local  authorities,  we  were  able  to  recover  the laptop within a week,”  said  Lenny, a  friend of mine who has run several major corporations and is a big fan of their software.

While options vary depending on need, OS, and budget, the  ideal approach to protecting  laptops  is to cover your bases: use password protection and disk encryption, and employ a collection of tools, including a monitoring product with a corresponding tracking piece on each laptop and remind users to never leave a laptop in a car.