Mitigating Laptop Theft
• Internal loss/theft - 90 percent
• External theft - 10 percent
Some of the major reasons for this internal loss/theft may be due to: a loss of records or inaccurate records as a laptop is transferred from one employee to another, an internal theft ring, an employee who refuses to return a company computer after being terminated, an employee who has given misleading information regarding the location of a computer, a lone thief or a disgruntled employee. Typical perpetrators of external theft include messengers, technicians who are in the facility to repair a piece of equipment, a smash-and-grab thief or an unscrupulous visitor.
Over the years there have been a variety of technologies developed to help mitigate the theft of these laptop computers. However, most of the devices that have been marketed have been primarily mechanical in nature, with a low level of technical sophistication. More recently, some very innovative and inexpensive products have become available in the marketplace, which provide a higher level of protection for PCs. Some of these products are software-based while some of them are hardware-based. What follows is a brief overview of these products.
Tracking
Computer tracking programs are software-based products in several variations. Some of these programs send a stealth email message to a pre-determined email address as soon as the PC is connected to the Internet. This email message will contain the exact location of the stolen PC, along with a wealth of additional information. This information includes the route Internet Protocol (IP) addresses, the name of the person who has logged on, dial-up networking Internet service providers, user IDs, etc. When this message is received via the Internet, the software manufacturer’s in-house recovery agents work with the client and law enforcement authorities to attempt to recover the stolen property. The software can also be set to run on a periodic basis to allow a continual reporting the location of the PC. Other manufacturer’s software programs use a combination of Internet and telephone call tracing to locate the missing computer. Here, the stealthy software waits for a telephone line to be connected to the modem. Upon connection, it dials the manufacturer’s central monitoring theft recovery center to identify its current location. Additional software features of these programs include the capability to remotely and systematically delete all data and user files on the hard disc drive when the targeted computer surreptitiously contacts the theft recovery center. This helps to mitigate a corporation’s legal liability by preventing confidential client information or other sensitive computer data from falling into the wrong hands. Typically, these software programs use less than two percent of a computer’s operating system resources, and then only until they have emailed out their message packets. Most of these software packages are very inexpensive, user-friendly and are available retail for between $30 and $40 each.
The key to success in locating and recovering any missing PC is the ability of the software to track in real time and have an established set of processes, procedures and protocols for working in a collaborative effort with law enforcement authorities. Although these new and innovative software packages have been shown to provide some reduction in incidents of laptop theft in facilities where they have been installed, they may be regarded as only reactive crime measures, since they do not directly inhibit external theft. However, these software products do provide a powerful tool for investigators who are attempting recovery after a theft has already occurred.
Going Wireless
Wireless transmitters and receivers also are used to curtail the theft of laptop computers. These units are two-piece RF-based systems. A small battery-operated transmitter is mounted on the computer chassis, while the receiver is mounted in a convenient location in a room that is within the operating range of the transmitter. When the signal is lost between the transmitter and the receiver during an attempted theft, the receiver will initiate a loud audible alarm that can be heard throughout the office. This type of device is very secure, as random synchronized codes are communicated between the transmitter/receiver pairs to deter a possible compromise of the system. The use of these units may be regarded as proactive crime measures, since they directly inhibit theft and summon help once the computer has left the operational range of the receiver. These transmitter/receiver units are typically available retail for approximately $70.00 for the pair.
This technology also includes active radio frequency identification tags.
Cables and Locks
Cabling systems are devices that generally consist of a high tensile strength cable, a high-security lock and a metal baseplate with high-security screws or high-strength adhesive materials. These devices are simple to install and deter against theft by physically securing the computer to a desk or table. These devices are highly secure and are regarded as proactive security measures. However, they do severely limit any physical movement of the computers from their semi-permanent mounting locations. The cost of these devices varies, but typical costs are generally in the $30 to $90 price range, depending upon features.Locker storage systems are a less common methodology used to protect laptop computers from theft. Here, an access-controlled locker secures the laptop computer at the end of each workday, while providing an audit trail of all transactions, including any attempts at unauthorized entry. While this methodology works well to prevent thefts during non-working hours, it does little to mitigate incidents of theft during normal working hours of the day.
Video surveillance systems provide a very good means to track and record all activity within an office complex. If the security command and control center is manned, security personnel can immediately respond to any aberrant or criminal activity that has occurred. Even if the system is unmanned as in many facilities, it can still act as an effective deterrent to theft as well as become a powerful investigative tool after an incident has already occurred.
Proactive security measures are one of the most overlooked methods used to mitigate theft. A simple set of corporate security policies and procedures can be implemented as a protective measure. These may include: having all visitors escorted by a responsible employee any time they are within company office space, performing more comprehensive background investigations on prospective employees, keeping better records regarding the assigning of laptop computers to individual employees, instituting a policy of having all packages searched upon leaving the corporate facility and having security personnel maintain a log cataloging the model and serial number of every laptop computer exiting the facility along with the corresponding name of the employee or visitor. While the latter is likely to be considered a bit Draconian and may be met with some stiff employee resistance, it most assuredly will result in a measurable decrease in company laptop computer losses.
These innovative products and proactive measures should be regarded as important aspects to any comprehensive security system. Corporate security directors and facility managers should consider all or some of these when developing their overall corporate security protection plan.
SIDEBAR: Software Benefits
• Ability to work behind firewalls
• Compatibility with all email systems
• Compatibility with dial-up networking
• Compatibility with all anti-virus programs
• Secure 128-bit encryption of the message text
prevents plain text from being transmitted
through cyberspace
__
Some very innovative and
inexpensive products provide a higher level of protection for PCs.
