No Witnesses, No Evidence

No problem for software program designed to track laptops

When a laptop computer disappeared recently from the offices of MDx Medical Management Inc. in White Plains, N.Y., the company's president, Thomas Schuetz, turned to Absolute Software to get the laptop back.

The theft occurred when the company was relocating offices and numerous people were coming and going. There was no evidence as to who committed the crime and no witnesses to the theft.

undefinedThe key for any business is to implement a layered approach to laptop security from visual deterrents, such as cable locks, to tracking and recovery software, to remote data deletion when data security is of paramount concern.

"Fortunately, we had installed ComputraceComplete on all our corporate computers, so after we notified the police, we contacted Absolute Software," Schuetz said.

An initial investigation by the police yielded nothing. Inevitably, the laptop silently contacted the Absolute Recovery Center, supplying critical location information. When a computer protected by ComputraceComplete is reported lost or stolen by its owner, the Absolute recovery team flags the computer as missing, then waits for the laptop to discreetly contact the company's monitoring center via its Internet connection every 15 minutes.

Absolute's theft recovery team tracked the laptop as it logged onto the Internet in Florida, then a few days later in Manhattan. An Absolute recovery officer then provided the Manhattan precinct with a name, phone number and address, indicating precisely where the laptop was located. Manhattan detectives then contacted the computer user, resulting in the laptop being immediately returned to the police. The investigation continues into how this person came to be in possession of MDx's laptop.

"I am extremely impressed with ComputraceComplete. The Absolute Recovery Team was able to track and recover a critical piece of hardware for MDx Medical, proving its worth many times over," Schuetz said. "I am a happy Absolute Software customer. In fact, I have already recommended ComputraceComplete to two other companies we do business with."

<

Tip for Preventing Thefts

With the help of the following best practices and helpful tips -- from common sense to high-tech solutions -- your small business need not be counted among the ranks of those companies ill-prepared for laptop theft.

Use cable locks as visual deterrents. Truth be told, most cable locks can be ripped off the plastic exterior of a laptop with a strong tug. Cable locks are therefore akin to ink-filled garment security tags in clothing stores -- they leave a mark when removed by force, but are ineffective at preventing many thefts.

Avoid leaving unsecured laptops unattended. Lock them in cupboards, laptop carts or other secure facilities when not in use. If they must be left in a vehicle, they should be covered up or locked in the trunk.

Keep laptops inconspicuous. Laptops should always be carried in inconspicuous carrying cases, such as a backpacks or tote bags, instead of tell-tale laptop bags.

Change passwords regularly. Never leave your password in obvious places such as a sticky note under your keyboard or on your desk.

Keep anti-virus software and firewalls installed and up-to-date. Prevent unauthorized access and protect valuable information with data encryption software.

Back-up valuable data on a scheduled basis. Data back-up needs to happen as frequently as required to minimize the risk to the organization in the event of loss.

Understand the dangers of pirated software and file sharing. Both piracy and over-deployment of purchased licenses can lead to significant lawsuits or other financial penalties. And not only is it illegal, pirated software can increase susceptibility to viruses, Trojans and other attacks.

Stay informed. Continue to educate yourself on the tools and techniques used today by cyber criminals, as well as other security risks to company data.

Use asset tracking and recovery software. Laptop recovery tools are highly effective because thieves know that hardware is more valuable if they can prove it works. To do so, they inevitably turn the hardware on and connect to the Internet, at which point the software agent -- unbeknownst to the thief -- reports its location information, helping police recover the device.

Invest in advanced data protection. Industry-leading data protection software allows customers to track fixed, remote and mobile computer assets, and remotely wipe sensitive information in the event that a computer is lost, stolen or nearing the end of its lifecycle.

Laptop Theft Statistics
While MDx Management adequately protected itself against laptop theft, countless organizations cannot say the same. Insurance agency, Safeware, claims that more than 600,000 laptops were stolen in 2004, resulting in an estimated $5.4 billion in loss of proprietary information. According to the FBI, 97 percent of stolen computers are never recovered. Gartner Group estimates that 73 percent of companies do not have specific security policies in place to protect their laptop computers.

Laptops are easy targets because they are designed to be portable. Yet, organizations risk litigation, lost business and public relations nightmares when a laptop goes missing. Veterans Affairs, Ernst & Young and Fidelity Investments have all recently faced intense media scrutiny after employee laptops disappeared.

Laptop theft may be impossible to fully prevent, but there are numerous tactics and technologies an organization can employ to help protect their mobile assets around the clock, in the office or on the road. In fact, Absolute Software has found that while the average corporate laptop theft rate is between 3.5 percent and 5 percent, organizations using laptop theft recovery software have a theft rate lower than 0.5 percent.

As current laws mandate public disclosure of data breaches, organizations are clamoring for strategies to both prevent laptop thefts and comply with privacy regulations when the unthinkable occurs.

The key for any business, large or small, is to implement a layered approach to laptop security from visual deterrents, such as cable locks, to tracking and recovery software to remote data deletion when data security is of paramount importance.

Regulations and Compliance
In response to the ever-increasing volume of sensitive and confidential information stored electronically on remote and mobile computers, and the potential and actual breaches of privacy that have occurred, governments have dramatically increased regulatory legislation designed to protect personal information.

California S.B. 1386 requires all organizations in the state of California that own or license computerized data containing personal information to disclose to residents any breach of security if unencrypted personal information is reasonably thought to have been compromised by an unauthorized person. Furthermore, the bill extends beyond California's borders because it also applies to any business that holds data on a California resident. Most states have adopted legislation similar in scope to Senate Bill 1386.

HIPAA establishes rules for handling and securing medical records to ensure the privacy and security of patient information. The act pertains to organizations that process, transmit or store protected health information. Noncompliance carries significant civil and criminal penalties.

Sarbanes-Oxley Act requires accurate reporting of all assets, including computer assets. Non-compliance carries severe penalties (fines of up to $5 million and imprisonment for up to 20 years) for senior management.

Gramm-Leach-Bliley is a law that mandates that all companies protect the security and confidentiality of their customers' private information. To comply, organizations storing personal customer information must identify and safeguard against the loss of any personal information.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3