1. Computrace Laptop Security Solutions
Author: Abdollah Shirvani
Shirvani.86@Gmail.com
Research for Ramiran Co, Tehran, Iran, 2008
Introduction:
A worldwide shift towards the use of mobile devices coupled with recently-enacted
Data breach legislation has created a new challenge for IT organizations: balancing
The enhanced productivity of mobile computing with the requirement to protect
Sensitive information from data breach. Many organizations have tackled mobile
Computer security with corporate policy, others with encryption technology. Both
Strategies are heavily reliant on end-user diligence to remain effective. Only the
Introduction of end-point security – the ability to force mobile computers to secure
Themselves – offers end-users the freedom to embrace mobility and IT departments
Robust protection for sensitive information.
2. Endpoint Security Defined
Endpoint security is a security strategy that emphasizes distributing security
software onto end-user devices such as mobile devices or laptop computers while
retaining central management over the security software.1 traditionally,
organizations used corporate firewalls and other intrusion detection systems to
protect corporate networks from potentially compromised endpoints. In today’s
laptop-dominated environment, endpoint security strategies place the
responsibility for security on the device itself. This next generation of security
strategy is already common in the form of anti-spam filters, desktop level firewalls
and anti-virus software programs.
Recognizing that organizations cannot rely on end-users to consistently follow IT
policy or diligently apply security software, endpoint security seeks to eliminate the
requirement for end-user involvement to be effective.
The Layered Approach
Single point solutions – such as encryption alone – are no longer enough to
adequately protect an enterprise from all points of attack. IT departments getting by
with minimal compliance protection expose themselves to unnecessary risks and
potential liability. To reduce exposure and ensure full compliance with government
regulations, a multifaceted or layered approach to mobile security and data
protection is recommended, comprising Compliance, Protection and Recovery
(CPR). Some of the steps involved in CPR include:
Real-Time Asset Tracking – The ability to track in real-time every mobile Asset
connected to an internal network or the Internet, and provide dynamic reporting,
which helps with regulatory compliance.
Data Encryption – The ability to protect mobile data from unauthorized Parties.
Remote Data Delete – The ability to remotely delete sensitive information from a
lost or stolen mobile device through commands issued centrally.
Audit Logs – The ability to produce defensible records that can verify what
sensitive information was lost or stolen, its encryption status and the Last known
location of the mobile asset.
Theft Recovery – The ability to locate and recover a lost or stolen Notebook over
the Internet to assist law enforcement in retrieving stolen Hardware.
3. Ten Steps to a Layered Approach to Laptop Security
Here is a quick checklist of best practices for protecting data on mobile Assets:
1. Understand the risks. As organizations open up their networks to their mobile
work force, to partners, customers and others, they expose themselves to greater
security risks than they encountered when traffic c was mostly internal.
2. be proactive. If you cannot identify the weaknesses in your network’s security,
someone or something will find those vulnerabilities for you. Educate yourself on
the tools and techniques used today by cyber criminals as well as other security
risks. Data security is a moving target that requires ongoing attention.
3. Use cable locks on laptops as visual deterrents. Truth be told, most cable locks
can be ripped off the plastic exterior of a laptop with a strong tug. Cable locks are
therefore akin to ink-filled garment security tags in clothing stores: they leave a
mark when removed by force, but are ineffective at preventing many thefts.
4. Avoid leaving unsecured notebooks unattended. Lock them in cupboards,
notebook carts or other secure facilities when not in use. If they must be left in a
vehicle, they should be covered up or locked in the trunk.
5. Keep laptops inconspicuous. Laptops should be carried in inconspicuous
Carrying cases, such as backpacks or tote bags, instead of tell-tale laptop bags.
6. Install anti-virus software and firewalls. Prevent unauthorized access
And protect valuable information with data encryption software.
Keep all software products updated to the latest versions or patches to help
minimize security holes. Ensure web servers, operating systems and line of business
applications are fully patched.
7. Back-up valuable data on a scheduled basis. Data back-up needs to happen
frequently to minimize the risk to the organization in the event of loss.
8. Create a contingency plan. Identify possible damage should a breach in security
occur; also consider how customers would be served in the event of catastrophe.
4. Contingency plans for security should be integrated with the organization’s overall
disaster recovery plans.
9. Use asset tracking and recovery software. Install an asset tracking and
recovery tool such as Computrace Complete to track and recover computers that are
lost or stolen, and monitor any changes or disappearances in computer memory,
hard drives or peripherals.
10.Invest in advanced data protection. Computrace Data Protection allows
customers to track fixed, remote and mobile computer assets and remotely wipe
sensitive information in the event that a computer is lost, stolen or nearing the end
of its lifecycle.
About Absolute Software
Absolute Software Corporation (TSX: ABT) is the leader in Computer Theft
Recovery, Data Protection and Secure Asset Tracking™ solutions. Absolute Software
provides organizations and consumers with solutions in the areas of regulatory
compliance, data protection and theft recovery. The Company’s Computrace®
software is embedded in the BIOS of computers by global leaders, including Dell,
Fujitsu, Gateway, HP, Lenovo, Motion, Panasonic and Toshiba, and the Company has
reselling partnerships with these OEMs and others, including Apple.
For more information about Absolute Software and Computrace, visit:
www.absolute.com or http://blog.absolute.com.
According to Asbolute’s advertisement:
LAPTOP SECURITY PREVENTS LAPTOP THEFT.
Computrace is laptop security and tracking software which deters laptop theft and
recovers stolen computers. Guaranteed. Absolute also provides software inventory,
computer inventory, PC inventory, PC audits, IT asset management, asset tracking,
software license management, and data security tools and services.
5. How Computrace Works
Figure 1
The Computrace Software Agent is built into computers from the world’s leading
computer manufacturers during the manufacturing process. Customers activate
Computrace when they purchase a subscription to Absolute’s endpoint security
solutions. When a computer protected by Computrace is reported stolen, the
embedded Computrace agent sends a silent signal to Absolute’s Monitoring Center
providing critical location information. Absolute then works with local law
enforcement to recover the computer. If the missing computer cannot be recovered
within 60 days, the Computrace customer may be eligible for a Recovery Guarantee
of up to $1,000. The stealthy Computrace Software Agent can survive accidental or
deliberate attempts at removal or disablement. With embedded support in the BIOS
of a computer, the Computrace agent is capable of surviving operating system re-
installations, as well as hard-drive reformats, replacements and re-imaging.
7. Computrace has to date to resolve these issues yet I still receive gimmicky alerts. I
had originally wanted to pull their card and offer them the opportunity to find my
machine and wipe it if they could, but my corporate attorney did not want me to
bust their chops. I did ask them for a list of addresses I had logged in from and they
first gave me a Department of Defense IP CIDR range to my amusement, they then
returned an ISP in New Hampshire’s block to more amusement, but they never
answered the core problems.
So for the corporations out there looking to solve their woes with this program, I
can tell you firsthand it is not all that .Absolute. And it can be defeated easily. If
you.re trying to protect your information from theft follow SANS guidelines and
have your IT staffs get a clue on encryption.
Perhaps wait until Absolute gets their act together. Your money waste it as you.d
like.
Computrace customer center
Computrace customer center include bellow part:
1- Computer summary
10. 5- View /Mange Alerts
The Computrace® Agent
The Computrace® Agent is a small software client that can be embedded into the BIOS
firmware “at the factory”, or installed like most software applications onto the hard drive
of a computer. When embedded in the BIOS of computers by major OEMs, such as Dell,
Fujitsu, Gateway, HP, Lenovo, Motion Computing, Panasonic and Toshiba, the
11. Computrace Agent can survive operating system re-installations, hard drive reformats
and even hard drive replacements.
The ability to withstand these changes is critical in order to survive unauthorized removal
attempts as well as work seamlessly with customers' break/fix and IMAC
(Install/Move/Add/Change) processes.
Here's How It Works
The Computrace application is loaded on the
hard drive of a computer while support for the
Computrace agent is embedded in the BIOS or
firmware.
If the hard drive is reformatted or replaced, the
Computrace Agent support in the BIOS rebuilds
the necessary application files on the hard
drive as required by the customer.
The Computrace® Technology Platform is the client/server architecture that
delivers Absolute Software’s Computer Theft Recovery, Data Protection and Secure
Asset Tracking™ services. Thanks to the hands-free communication (over IP or
PSTN) between the secure, patented Computrace Agent client and the Monitoring
Center server, Absolute’s security services are exceptionally easy to manage on all
computers across the enterprise.
Systems Supported
Computrace is supported on 32-bit versions of Windows 2000, XP, Windows Server
2003 and all 32 and 64 bit editions of Windows Vista. Computrace is also supported
on the following Apple platforms; Mac OSX 10.2, 10.3 and 10.4. (Please note that
compatibility requires Computrace Agent version 804 or above)
Computrace Embedded BIOS Support
Absolute has partnered with leading computer manufacturers, such as Dell, Fujitsu,
Gateway, General Dynamics, HP, Lenovo, Motion Computing, Panasonic and Toshiba
to add an extra level of security, persistence and support for the Computrace agent.
The Computrace BIOS support module is shipped disabled and turned off from the
manufacturer. Once the customer installs the Computrace Agent, pays for the
12. Absolute Tracking and Recovery service and activates the Computrace BIOS support
module, then the extra level of security and firmware persistence will be activated.
Embedding support for the Computrace agent into the BIOS provides customers the
highest level of persistence and allows the Computrace agent to survive operating
system re-installations, hard drive reformats and even hard drive replacements. The
ability to withstand these changes is critical in order to survive unauthorized
removal attempts as well as to work seamlessly with customers' break/fix and IMAC
processes. The Computrace BIOS support placement provides our customers the
best performing computer theft recovery, secure asset tracking and data protection
services available on the market today.
Manufacturers, Makes and Models Supported
The following is a list of the computer manufacturers, makes and models that
provide Computrace embedded support in the BIOS. New lines of computers are
added on a regular basis – if there is a particular computer make/model you are
interested in, please be sure to ask an Absolute sales representative. For older
computers or computers not listed below, a BIOS Flash may be available; a sales
representative will be able to advise you on the models.
13.
14. The Computrace BIOS support module is shipped disabled and turned off from the
manufacturer. Once the customer installs the Computrace Agent, pays for the
Absolute Tracking and Recovery service and activates the Computrace BIOS support
module, then the extra level of security and firmware persistence will be activated.
For active Computrace BIOS support modle we need to understanding the laptop
serial number:
15. Phoenix And Absolute Software Combine to Make PCs
Secure From the Start With Built-in Asset Recovery and Tracking
16. About products:
The Computrace suite of software products provides a robust, multi-layered
security solution to enable organizations to address issues of regulatory compliance,
data protection, computer theft recovery and asset tracking.
Computrace Complete - Ultimate Laptop Protection
Computrace Complete, Absolute’s flagship product, is a comprehensive solution that
combines Computer Theft Recovery, Data Protection, Secure Asset Tracking and the
peace of mind offered by a Recovery Guarantee. Computrace Complete allows IT
administrators to centrally manage corporate IT assets by monitoring computer
movement, call history, asset leasing information and software license compliance.
It also offers up to a $1000 Recovery Guarantee if a stolen computer cannot be
located within 30-60 days. An optional Data Delete service is also available.
Computrace Data Protection - Remote Data Deletion
Computrace Data Protection allows customers to track stationary, remote and mobile
computer assets and remotely wipe sensitive data if the computer is lost, stolen or nearing
the end of its lifecycle. The product is centrally managed by the IT department, providing
visibility for up to 100% of their connected computer assets.
17. Computrace Plus - Theft Recovery & Essential ITAM
Computrace® Plus provides Computer Theft Recovery, Data Protection and basic
Secure Asset Tracking™ reports. Computrace Plus enables IT professionals to track
their organization’s computer assets, recover lost or stolen machines and remotely
wipe sensitive data if a computer is lost, stolen or nearing the end of its lifecycle.
Absolute Track - Superior IT Asset Tracking
Absolute Track is an ideal Asset Tracking solution for corporate, government and
education environments. Traditional asset management systems can lose track of IT
assets such as laptops when they disconnect from the LAN or drift to unknown
locations. With Absolute Track, the Computrace agent installed within the laptop
reports changes in asset information on a daily basis regardless of location, allowing
IT departments to centrally manage their entire computer population, including
remote and mobile assets.
Computrace LoJack for Laptops - Theft Recovery for Consumers
Computrace LoJack for Laptops is the leading solution for Computer Theft Recovery
for home office, small business and consumers. Computrace LoJack for Laptops
includes a money-back guarantee and provides users with peace of mind when it
comes to their home computers.
The Computrace LoJack for Laptops for Windows (1-Year Subscription) from Lo Jack
is an anti-theft security software package that installs on your computer.
Computrace transmits data back to Lo Jack on the computer's location based on its
IP address. The software runs in the background and requires a user password to be
removed, making it difficult for a thief to uninstall from a computer. Lo Jack will
work with local police to locate a stolen computer. The software features a 1-Year
18. subscription to the monitoring service, making it an excellent tool to protect your
notebook from theft.
Key Features
Laptop Recovery
Lo Jack recovers over 90% of notebooks that are reported stolen with their
Computrace software system. In contrast, police report that approximately
97% of laptops that are stolen are never recovered. Having Computrace
installed on your computer dramatically increases your chances of getting it
back.
IP Tracing
Computrace uses a computer's IP address -- it's unique address on the
Internet -- to trace its physical location. Once a notebook is reported stolen
the software will transmit its location to Lo Jack every 15 minutes.
1-Year Subscription
The software comes with a 1-Year subscription to the Lo Jack service. You
can extend the subscription when the terms expire, ensuring protection of
your computer for its entire life-cycle.
Absolute Software statistics
Absolute Software works with law enforcement agencies to recover lost and stolen
computers and to provide evidence for the prosecution of thieves. Recovering stolen
computers is an important step in laptop and data security practices. Absolute
Software has now returned 5000 stolen computers - that’s 5000 computers whose
data has been secured, that don’t need to be replaced, and that help put laptop
thieves behind bars.
Some statistics about laptop security:
The theft rate of business computers is 3.5% - 5%. With Computrace, this
drops to less than 0.5%
97% of stolen computers are never recovered
Absolute Software recovers an average of 50 laptops per week
Absolute Software recovers 3 out of 4 stolen computers
19. References:
1- “SearchSecurity.com Definitions,” December 17, 2007, SearchSecurity.com
2- “Are Fortified Notebooks the Answer?,” May 19, 2006, Processor.com.
3- “2007 Annual Study: US Average Cost of a Data Breach,” November, 2007,
Ponemon Institute, LLC
4- “The Inside Job,” August 13, 2007, Information Age
5- “Bill 1386 Chaptered” February 12, 2002, California State Senate
6- “2007 Annual Study: US Average Cost of a Data Breach,” November, 2007,
Ponemon Institute, LLC
7- “Research Concepts Computer Security Survey Commissioned by Absolute
Software,” September, 2007.
8- Ken Bates and Chelle Pell, “Keeping You and Your Property Safe: A Guide to
Safety and Security on the Stanford Campus,” Stanford University Department of
Public Safety, http://ora.stanford.edu/supporting_files/keep_safe.ppt.
9- “Survey of 400 Absolute Software Corporate Customers” June, 2007, Absolute
Software
10- “Seagate Targets Data Theft with Encrypted Hard Drive” September, 2007,
Dark Reading
11- “Forrester Loses Laptop Containing Personnel Data” December 2007, week
12- “Two Charged in VA Laptop Theft” August 2006, CSO
13- “BCBSM Responds to Protect Members Affected by Security Incidents” July
2007, BCBCM Corporate Website
14- Please visit http://www.absolute.com/PDF/EULA.pdf for full terms and
Conditions.
15-list of BIOS-supported computers visit www.absolute.com/BIOS