Effective ways to secure laptops that your clients may not know

A password, even a strong one, isn't enough anymore to keep laptops safe from vulnerabilities. Susan Harkins discusses several technologies that are still not being widely used, even though they are terribly effective.

Laptops outsold desktops in 2008 and that market is driving security technology. In June 2008, Ponemon Institute reported that business travelers lose more than 12,000 laptops per week in U.S. airports -- that's per week, folks! As the market goes up and the price comes down, innovation and price will be the key to keeping laptops safe.

This next year, securing laptops will consume more IT resources than ever before. That means mobile systems security is a good niche to fill. It won't take much work on your part, and you can impress clients by recommending inexpensive, yet effective products for protecting their mobile systems and data.

There are a few technologies on the shelves that aren't getting the attention they deserve. These technologies include the following:

  • Drive encryption: Lots of users don't want to be bothered with security because they think passwords are enough. But passwords aren't enough -- a hacker can bypass a password in seconds. Drive encryption, on the other hand, totally thwarts a thief. I don't know of any technology that bypasses drive encryption; if it exists, it's not widely in use. A stolen system that's encrypted goes right in the trash with your data undetected. In fact, this technology is so secure (for now), that stolen drive-encrypted systems don't have to be reported, even when the drive contains employee and/or customer confidential information. All this power is also the technology's downfall. Occasionally, you get a system that refuses to boot. The system's toast and has to be rebuilt from scratch. Understandably, users are hesitant to rely on it. You know it seldom happens, but that doesn't matter to clients who need access to their data.
  • Built-in anti-theft protection: This technology allows a user or IT department to remotely disable a laptop. This is my favorite new toy and should be a big hit with users. I've also seen a few subscriber plans that offer the same service (e.g., PC PhoneHome, Mac PhoneHome, Computrace LoJack for Laptops, LocateMyLaptop), and the plans weren't too pricey. You'll only need to use this type of service once to truly appreciate its value. (Note: LocateMyLaptop is free, although I haven't tried it, so I don't know if the service is truly free.)
  • Finger readers: This technology should significantly reduce data theft. Users will like finger readers because it means they'll have one less password to memorize. The good news is that most enterprise laptops have the technology built right in.

What products and technologies are you recommending clients use to protect data on their laptops?

Related TechRepublic resources

Get weekly consulting tips in your inbox TechRepublic's IT Consultant newsletter, delivered each Monday, offers tips on how to attract customers, build your business, and increase your technical skills in order to get the job done. Automatically sign up today!


Susan Sales Harkins is an IT consultant, specializing in desktop solutions. Previously, she was editor in chief for The Cobb Group, the world's largest publisher of technical journals.


I think you should reference the cold boot technique as it pertains to thwarting drive encryption. http://en.wikipedia.org/wiki/Cold_boot_attack There are better articles and complete attack kits for removable drives on the Internet if you know where to look. No, a normal thief could not perform this attack. Then again, a normal thief is not after your data. Those laptops go straight o pawn shops, not the trash. Those thieves that pose a risk to your data are certainly capable of executing this attack. Hard drive encryption is not a magic bullet. I recommend that sensitive data be stored on physically secure network servers or on physically secure thumb drives. It is one thing to smash and grab a laptop in your back seat. Most computer thieves will not mug you for your thumb drive. You can even encrypt the thumb drive with free software like True Crypt. Then it is truly protected.


On the Logmein forum, users report tracing their stolen laptops and enabling police to recover them and arrest the thieves, because they could access the laptop through the installed logmein account. As my laptop has lots of demos but no information that is not duplicated elsewhere, that would work for me.


A group within the University of Washington's Computer Science group released an open source app last year called Adeona. I unfortunately was crippled by flaws in the underlying open source application and I don't think it is up and running on a new app yet. http://adeona.cs.washington.edu/


Sounds like a winning idea. Do you have any particular recomendations or search links?

Editor's Picks