Laptops

Effective ways to secure laptops that your clients may not know

A password, even a strong one, isn't enough anymore to keep laptops safe from vulnerabilities. Susan Harkins discusses several technologies that are still not being widely used, even though they are terribly effective.

Laptops outsold desktops in 2008 and that market is driving security technology. In June 2008, Ponemon Institute reported that business travelers lose more than 12,000 laptops per week in U.S. airports -- that's per week, folks! As the market goes up and the price comes down, innovation and price will be the key to keeping laptops safe.

This next year, securing laptops will consume more IT resources than ever before. That means mobile systems security is a good niche to fill. It won't take much work on your part, and you can impress clients by recommending inexpensive, yet effective products for protecting their mobile systems and data.

There are a few technologies on the shelves that aren't getting the attention they deserve. These technologies include the following:

  • Drive encryption: Lots of users don't want to be bothered with security because they think passwords are enough. But passwords aren't enough -- a hacker can bypass a password in seconds. Drive encryption, on the other hand, totally thwarts a thief. I don't know of any technology that bypasses drive encryption; if it exists, it's not widely in use. A stolen system that's encrypted goes right in the trash with your data undetected. In fact, this technology is so secure (for now), that stolen drive-encrypted systems don't have to be reported, even when the drive contains employee and/or customer confidential information. All this power is also the technology's downfall. Occasionally, you get a system that refuses to boot. The system's toast and has to be rebuilt from scratch. Understandably, users are hesitant to rely on it. You know it seldom happens, but that doesn't matter to clients who need access to their data.
  • Built-in anti-theft protection: This technology allows a user or IT department to remotely disable a laptop. This is my favorite new toy and should be a big hit with users. I've also seen a few subscriber plans that offer the same service (e.g., PC PhoneHome, Mac PhoneHome, Computrace LoJack for Laptops, LocateMyLaptop), and the plans weren't too pricey. You'll only need to use this type of service once to truly appreciate its value. (Note: LocateMyLaptop is free, although I haven't tried it, so I don't know if the service is truly free.)
  • Finger readers: This technology should significantly reduce data theft. Users will like finger readers because it means they'll have one less password to memorize. The good news is that most enterprise laptops have the technology built right in.

What products and technologies are you recommending clients use to protect data on their laptops?

Related TechRepublic resources

Get weekly consulting tips in your inbox TechRepublic's IT Consultant newsletter, delivered each Monday, offers tips on how to attract customers, build your business, and increase your technical skills in order to get the job done. Automatically sign up today!

About

Susan Sales Harkins is an IT consultant, specializing in desktop solutions. Previously, she was editor in chief for The Cobb Group, the world's largest publisher of technical journals.

13 comments
Mabrick
Mabrick

I think you should reference the cold boot technique as it pertains to thwarting drive encryption. http://en.wikipedia.org/wiki/Cold_boot_attack There are better articles and complete attack kits for removable drives on the Internet if you know where to look. No, a normal thief could not perform this attack. Then again, a normal thief is not after your data. Those laptops go straight o pawn shops, not the trash. Those thieves that pose a risk to your data are certainly capable of executing this attack. Hard drive encryption is not a magic bullet. I recommend that sensitive data be stored on physically secure network servers or on physically secure thumb drives. It is one thing to smash and grab a laptop in your back seat. Most computer thieves will not mug you for your thumb drive. You can even encrypt the thumb drive with free software like True Crypt. Then it is truly protected.

ssharkins
ssharkins

I agree -- I think this line of attack is good, but regardless of how much you recommend against it, people want to store their data on the laptop and not bother with remote access or even a thumb drive. But, I agree with you.

kate
kate

On the Logmein forum, users report tracing their stolen laptops and enabling police to recover them and arrest the thieves, because they could access the laptop through the installed logmein account. As my laptop has lots of demos but no information that is not duplicated elsewhere, that would work for me.

dennis.jacobsen
dennis.jacobsen

A group within the University of Washington's Computer Science group released an open source app last year called Adeona. I unfortunately was crippled by flaws in the underlying open source application and I don't think it is up and running on a new app yet. http://adeona.cs.washington.edu/

sgkester
sgkester

Sounds like a winning idea. Do you have any particular recomendations or search links?

SObaldrick
SObaldrick

Do FR's prevent the thief from installing a new OS? Les.

hash1024
hash1024

1) No, they don't prevent you from installing a new OS. They just bind your prints to a username/password combination. 2) Mythbusters had an episode where they successfully defeated this device with the prints lifted from a glass. So if you keep your password on a sticky note - it can be useful. Other than that - it will create a false sense of security.

ssharkins
ssharkins

Almost any security measure can be broken, that's why one, in and of itself, isn't a solution at all. As for the lifting prints from a glass thing -- I'm sure that's true, but I don't see it as any more a problem than any other vulnerability we have to deal with. They all have a hole we have to fill.

Aakash Shah
Aakash Shah

TrueCrypt is an free and open source tool that offers drive and file encryption: http://www.truecrypt.org

doug
doug

I really like truecrypt. I like the way you can set up a storage file, and copy it from device to device, without ever opening it up. The problem with encrypting the entire drive is you often have to let technicians and others on it. Do you really want the company tech or Best Buy Nerd patroll looking thru your daughter's pictures, or the expensive artwork you keep at home? I'm not sure people really understand how important encryption is nowadays.

ssharkins
ssharkins

Someone's actually using Vista??????? :)

Sterling chip Camden
Sterling chip Camden

(Crying Out Loud) :( I don't like to, but I have to. Some of my clients develop applications that have to run on Vista.

Editor's Picks