Best practices against laptop theft Depending on what is kept on a particular laptop, lack of proper security precautions allows a thief to easily acquire such information as personal bookkeeping files, documents containing passwords, addresses, as well as employee and customer information stored on company laptops. Inside protection Passwords are no longer adequate to protect laptops. There are many solutions that can improve the strength of a laptop's protection. Full disk encryption (FDE) is an increasingly popular and cost-effective approach. Full disk encryption can be taken on from a software-based approach, a hardware-based approach, or both - end-based approach. FDE provides protection before the operating system starts up with pre-boot authentication, however precautions still need to be taken against cold boot attacks. There are a number of tools available, both commercial and open source that enable a user to circumvent passwords for Windows, Mac OS X, and Linux . Passwords provide a basic security measure for files stored on a laptop, though combined with disk encryption software they can reliably protect data against unauthorized access. Remote Laptop Security (RLS) is available to confidently secure data even when the laptop is not in the owner's possession. With Remote Laptop Security, the owner of a laptop can deny access rights to the stolen laptop from any computer with Internet access. There are also a number of programs that help deter laptop theft. One program, LaptopSentry, which was recently released, uses the computer's power cord to serve as a trigger for an alarm. Upon alarm activation, the program begins emailing specified files to the user's email address. Physical protection A number of computer security measures have emerged that aim at protecting data. The Kensington Security Slot along with a locking cable provides physical security against thefts of opportunity. Centralization of laptop data Another possible ap proach to limiting the consequences of laptop theft is to issue thin client devices to field employees instead of conventional laptops, so that all data will reside on the server and therefore may be less liable to loss or compromise. If a thin client is lost or stolen, it can easily and inexpensively be replaced. However, a thin client depends on network access to the server, which is not available aboard airliners or any other location without network access. This approach can be coupled with strong authentication as such Single sign on. Some major laptop thefts This section needs additional citations for verification. Please help improve this article by adding reliable references. Unsourced material may be challenged and removed. (November 2008) 2007 8.8.07 Stolen Laptop With 519 Citibank Student Loan Corporation Customers 8.6.07 - Verisign Stolen Laptop, Unknown Number of Current and Former Employees Affected A laptop computer containing sensitive, personally identifiabl e information was stolen from a Verisign employee's car. The persons affected by this incident are current and past Verisign employees. 8.2.07 - Capital Health (Canada), Stolen Laptops, 20,000+ Affected Four laptop computers were stolen from staff desks while secured to the desks with cable lock devices in a secure building. The thieves were able to enter the building, dislodge the cable locks and remove the computers during evening hours of May 8. 2006 An unencrypted hard drive containing names, addresses and Social Security numbers of American Institute of Certified Public Accountants (AICPA) members was lost when it was shipped back to the organization by a computer repair company. Potentially 330,000 members were affected. A laptop that belonged to an Ernst & Young employee was stolen from a vehicle. The computer contained personal information of 243,000 Hotels.com customers. Two Federal Trade Commission laptops were stolen out of a locked car when staff attorneys took t hem home to work on a lawsuit. As a result, names, addresses and Social Security numbers of 110 people were exposed to thieves. American International Group, a major insurance company, became responsible for private data of 970,000 potential customers when their file server and several laptop computers were stolen from its Midwest offices. An Equifax Inc., company laptop was stolen from a travelling employee. Information compromised included employee names and Social Security numbers. 13,000 District of Columbia employees and retirees were put in danger of identity theft when a laptop belonging ING U.S. Financial Services was stolen from an employee home. A laptop containing debit card information and Social Security numbers of 65,000 persons was stolen from YMCA seemingly safe administrative offices. Personal data of 26.5 million U.S. veterans was on a laptop taken from the home of a U.S. Department of Veterans Affairs employee. Four laptop computers containing names, Socia l Security numbers, and addresses of 72,000 customers were stolen from the Medicaid insurance provider Buckeye Community Health Plan. A Boeing employee laptop was grabbed at an airport, compromising 3,600 employees Social Security numbers, addresses and phone numbers. 2005 Stolen UC Berkeley laptop exposed personal data of nearly 100,000 Laptop tracking software See also: Remote Laptop Security These products make a "call home" over the Internet in order to help recovery and some also lock the content of the hard drive to prevent data loss. ActiveTrak Mobile endpoint security for the enterprise Adeona by University of Washington; open-source. - Due to problems with the server that stores user data, Adeona stopped functioning in the fall of 2008. Developers are working on a new version. As of May 1, 2009, this was still in development. AsseTrax by Authentic Venture Sdn Bhd. BackStopp by Virtuity, Ltd. Computrace by Absolute Software. The CyberAngel w/ Wi-Trac by CyberAngel Se curity Solutions, Inc. FailSafe by Phoenix Technologies. GadgetTrak's PC-Trak for Windows LaptopSentry by E.E.Soft LoJack for Laptops. MacTrak: Privacy Safe Anti-Theft for OS X. MyLaptopGPS nTracker by SyNet Electronics, Inc. PC PhoneHome by Brigadoon Software, Inc. Prey. Open-source, multi-platform (Windows, Mac, Linux), remote tracking configurable with wi-fi autoconnect and optional camera snapshots. ExoTrack and Remote Kill by EXO5 Undercover for Mac OS X and iPhone by Orbicule See also Full Disk Encryption Pre-Boot Authentication References ^ Stolen UC Berkeley laptop exposes personal data of nearly 100,000By MICHAEL LIEDTKE, AP Business WriterTuesday, March 29, 2005. ^ ActiveTrak ^ Adeona ^ AsseTrax ^ BackStopp Laptop and data theft protection ^ Absolute Software ^ CyberAngel Security Solutions, Inc. ^ ^ PC-Trak from GadgetTrak ^ LaptopSentry ^ LoJack for Laptops. ^ MacTrak ^ MyLaptopGPS ^ nTracker ^ PC PhoneHome ^ Prey Project ^ ExoTrack and Remote Kill by EXO5 ^ Unde rcover by Orbicule [] External links 3 Ways To Protect Your Laptop - information and tips for laptop security Theft and Loss Protection for Linux Laptops and Notebooks - includes useful tips The spy who lost me - laptop thefts from the British Ministry of Defence 2005 CSI/FBI Computer Crime and Security Survey - statistics and information about computer crime Breach Blog- Constantly updated list of data breaches, most of which are laptop thefts Musatcha.com Laptop Theft Prevention - Software-based alarm that uses the built-in hard drive protection accelerometer to sense motion LaptopTheft.org- News and resources for victims and businesses regarding laptop theft Categories: Computer security exploits | Theft | LaptopsHidden categories: Articles needing cleanup from February 2008 | All pages needing cleanup | All articles with unsourced statements | Articles with unsourced statements from February 2008 | Articles needing cleanup from October 2009 | Articles containing how-to s ections | Articles needing additional references from November 2008 | All articles needing additional references
No comments:
Post a Comment