Laptop Security


Here are some things to do to keep your laptops and other stolen computers safe:

  1. Most importantly, use whole disk encryption with strong passphrases. 
    Whole Disk Encryption:  Whole Disk Encryption
  2. Configure Windows to require passwords to be entered upon return from hibernate, suspend or a screensaver time out.
  3. Ensure screens are getting locked via CTRL-ALT-DEL or a short screensaver timeout.
  4. Install laptop-tracking software such as LoJack for Laptops. While this can certainly aid in recovery, the problem is that by the time the system is recovered, sensitive information on the laptop could've been compromised.

There's always the chance that your stolen systems will be sold, new software will be reloaded, and nothing bad will ever come of it. However, you've got to look at the worst-case scenario. Given that so much information is being stored in so many different places, without whole disk encryption in place combined with sensible password and screen-locking technologies, there's not really any way to be sure everything's protected at all times. That's a risk no savvy person should ever be willing to take.

Track Your Laptop With an ID

Put an ID tag on each laptop (as well as BlackBerry, digital camera, and USB key you own) and record it with a recovery service. Be sure to record the serial numbers of your equipment so that it is possible for authorities to reunite found items with their rightful owners. Tracking tags give you an opportunity to enter serial number information as you tag each item, after which you can use the recovery service as a basic inventory system. (You should definitely maintain serial-number records, as well as purchase receipts, in case of insurance claims.)

Adeona is a free, open-source system for helping to track and recover lost and stolen laptops.

Recovery services report recovery rates of 75 percent and higher on tagged items. Evidently, most people who find laptops are honest, and by offering prepaid returns and a reward on the tag (which lists an 800 number), the service makes it easy to do the right thing.

The services have you register each item on the Web, with identifying information; then they contact you to arrange return if an item is found. The price is nominal, usually around 5-10 dollars per label, with quantity discounts. Vendors that offer labeling and recovery services include BoomerangItStuffBakTrackItBack,YouGetItBack.comzReturn. Some of these companies sell lifetime service for a fixed price, while others use a yearly subscription model. Some charge a recovery fee if an item is found. TrackItBack sells multipacks, which bring costs down to 5 dollars per label, with lifetime service and no administrative or shipping fees on recovered items. TrackItBack will even send you a free replacement tag if the original comes off.

The recovery firms unanimously cite privacy considerations and their 24-hour phone service as reasons to use their labels instead of just a taped-on business card or an inventory tag from your own company. The labels themselves may deter theft, as they render an item harder to fence.

Rely on Recovery Software

If a thief steals your laptop, tracking and recovery software can help you get it back. Absolute Software's ComputraceComplete (50 dollars per year), Brigadoon's PC PhoneHome (30 dolars lifetime), Inspice's Inspice Trace(30 dollars/year) and zTrace Technologies' zTrace Gold (50 dollars per year) are tracking utilities that connect periodically to a central server. When any of these does so, the associated service can trace your laptop's location on the Internet and summon the local police to recover it. Absolute Software claims that Computrace can survive on a laptop even if the thief successfully reinstalls the operating system, reformats the hard drive, or (in some laptop models) swaps out the hard drive. Some tracking products also have such features as the ability to wipe out key data if a laptop is stolen, or to take a photo of the thief if the machine has a built-in camera. The laptop's location may be pinpointed by IP address or by GPS, depending on the device and the service. Discounts vary among the services, depending on such variables as features, number of devices covered, and duration of contract, but the overall expense for most businesses pales in comparison to the cost of data loss.

ComputraceComplete is the market leader, with a broad set of features, from asset and software license management to a remote data deletion capability that meets Department of Defense standards. The company guarantees recovery of your computer within 30 days; if it fails to produce the lost unit, it will pay you 90 percent of the device's original purchase price, up to 1000 dollars.

Back Up and Encrypt Your Data

Regardless of the precautions you take, a laptop may still get lost or stolen. So it's vital to keep the loss to a minimum by ensuring that all important data is backed up and encrypted.

Encrypting data on laptops and on USB drives is relatively easy these days, thanks to numerous inexpensive security tools that provide military-grade encryption. But these programs are only as effective as their users allow them to be. For instance, instead of letting a laptop sleep during travel, you should shut it down completely, thereby locking the drive.

Set Up a Laptop Security System

If you're a seasoned traveler, you're used to working with your laptop in public places. But if you're not securing that laptop, you're asking for trouble. Apart from using a physical laptop lock (which you should already do), you can set up a software security system on your laptop with free software designed to deter thieves and to recover laptops.

For example, Laptop Alarm, when switched on, will set off a loud alarm if anyone unplugs your power cord, moves your mouse, or tries to shut down your computer. And since no security system is complete without a security camera, try Yawcam, a free app that turns your laptop's Webcam into a motion-sensing security camera capable of uploading photos of potential thieves to the FTP server of your choice.

Last but not least, the free LaptopLock utility focuses on retrieval and extra security for stolen laptops. With LaptopLock you can delete files, encrypt data, and log the IP address of your stolen laptop--all remotely.

Automatically Lock Your Computer When You Walk Away, and Unlock It When You Return

Free application BtProx monitors the proximity of your computer (laptop or desktop) to your cell phone or other Bluetooth device, and automatically locks the computer when the phone goes out of range. When you walk away from your laptop with your cell phone in your pocket, for example, the computer will automatically lock--protecting its contents from prying eyes while you're not there.

In addition, you can arrange for BtProx to launch any application at the same time that it issues the lock command--so you could automatically lock your PC and turn on your laptop security system when you walk away rom the machine.

Physical Security

Carry unobtrusive bags that don't scream "laptop inside." Messenger bags, knapsacks, and rolling overnighters with inner pockets all make good alternatives to dedicated laptop bags.

People who travel may want to use an alarm. The Belkin USB Laptop Security Alarm (~55 dollars) function as cable locks but sound an alarm if someone cuts the cable. The Doberman Laptop Defender Portable USB Computer Alarm (~$30) incorporates a motion sensor that triggers a loud alarm if the device attached to it is moved.

Here are some things to do to keep your laptops and other stolen computers safe:

  1. Most importantly, use whole disk encryption with strong passphrases. 
    Whole Disk Encryption:    PGP Whole Disk Encryption or TrueCrypt.
    TrueCrypt is a free and open source encryption tool, for both Windows and Linux. Both PGP Whole Disk Encryption and TrueCrypt are independent of the operating system and use much stronger encryption technologies. Even if stolen computers are powered on, as long as the entire drive is encrypted and the screen is locked, the only option for the criminal is to reboot the system to try and get in. Once he does that, he'll be prompted for a passphrase to unlock the drive. As long as the passphrase to encrypt the drive is strong -- he's at a dead-end.
  2. Configure Windows to require passwords to be entered upon return from hibernate, suspend or a screensaver time out.
  3. Ensure screens are getting locked via CTRL-ALT-DEL or a short screensaver timeout.
  4. Install laptop-tracking software such as LoJack for Laptops. While this can certainly aid in recovery, the problem is that by the time the system is recovered, sensitive information on the laptop could've been compromised.

There's always the chance that your stolen systems will be sold, new software will be reloaded, and nothing bad will ever come of it. However, you've got to look at the worst-case scenario. Given that so much information is being stored in so many different places, without whole disk encryption in place combined with sensible password and screen-locking technologies, there's not really any way to be sure everything's protected at all times. That's a risk no savvy person should ever be willing to take.

Website development by Checkmark Media. Designed by Armada.

a place of mind, The University of British Columbia

Faculty of Science
Department of Physics and Astronomy
6224 Agricultural Road
Vancouver, BC V6T 1Z1
Tel 604.822.3853
Fax 604.822.5324

Emergency Procedures | Accessibility | Contact UBC | © Copyright The University of British Columbia