http://www.fcw.com/fcw/articles/2002/1230/web-comp-12-30-02.asp By Michelle Speir Dec. 30, 2002 Theft happens. And in the case of notebook computers, it happens a lot. When preventive measures fail and a notebook is stolen, the focus then becomes recovery. One breed of recovery products tracks the machine via an agent that notifies a central command center every time the computer connects to the Internet. Then, with the aid of local law enforcement, the information can be used to pinpoint the physical location of the machine. We reviewed one such product earlier this year ("PC PhoneHome tracks missing computers"). That product, from Brigadoon Software Inc., can physically track lost or stolen computers but it does not have any control over the data on the machine, as is true for most products of this type. But now, a new feature in Absolute Software Corp.'s ComputracePlus product raises the bar for computer-tracking software. The feature is called Data Delete and, as the name indicates, it deletes data from a stolen machine. Like other tracking products, ComputracePlus tracks the physical location of missing computers by programming its agent to automatically call Absolute's customer support center at regular intervals when connected to the Internet. The default frequency is once a day, but once a machine is reported stolen, the frequency increases to every 15 minutes. The agent is invisible to the user and can survive a hard drive reformat, F-disk command and hard drive repartitioning. According to Absolute, ComputracePlus is the only product on the computer-tracking market that can withstand these attempts at removal. Before a theft Thanks to the many reports it produces, ComputracePlus is useful even before a machine is stolen. Administrators can use it to track the location of computers to make sure they are being used only in authorized locations (at the office and not at home, for example, or in certain departments). They also can use it to monitor the software loaded on each machine, check for outdated virus definitions, and track leasing information and inventory. Reports are accessible through Absolute's Web site, and we were impressed with the site's ease of use. All 19 reports are listed on one page and grouped into several major categories such as asset inventory and security. Various sorting options are available, along with download, print and save functions. In addition to reports, the Web site offers administrative functions, such as user management, data management, alert creation and account management. There is also an online theft report form. Data Delete To experience the data deletion process, we followed the same procedure a customer would follow. First, we called Absolute's customer support center to request the deletion. The company then e-mailed us a document packet with instructions and authorizations to sign. The cost per use is $200, which is not included in ComputracePlus' purchase price. The documents release Absolute from liability for the operation and also state that the company cannot guarantee the operation's completion. One certification signature and two authorization signatures are required, and customers can choose whether to have the operating system deleted along with the data. The document packet also includes forms for rescinding the delete order. However, once data is deleted, it cannot be retrieved, so if the process has begun, some data will be lost permanently. After signing the documents, we faxed them to Absolute and within an hour — a time frame the company says is typical as long as a machine is connected to the Internet — our data was gone. If the computer is not connected at the time the company receives the request, the data will be deleted the next time it is connected. When we checked our test notebook after the deletion, all documents and applications were gone except Internet Explorer, which was the conduit for the Internet connection. We chose to preserve the operating system and it remained on the machine as instructed. We received a confirmation letter that included a chart containing information about the deletion, such as the number of files deleted, hard drive space before and after deletion, and the Computrace agent's call history. Conclusion ComputracePlus goes a long way toward protecting computer assets and, perhaps more importantly, the data stored on them. The product is also a useful tool for managing and tracking an agency's inventory, even if a theft never occurs. Just remember that a product like this has limitations. For example, a thief could view data or copy it to disks before connecting to the Internet. Also, if the thief is at the computer while the data delete process is taking place, he or she might notice it and could disconnect the machine and stop the process. Finally, some thieves are sophisticated enough to disguise their locations with false IP addresses. Because the agent is undetectable, however, chances are good that an average thief would not think to take such precautions. But professional thieves might be familiar enough with this type of technology that they would automatically operate as though a tracking agent were in place. While ComputracePlus may not be foolproof, it's certainly much better than nothing at all, offering agencies a good chance at recovering physical property and keeping sensitive data out of the wrong hands. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Dec 30 2002 - 08:07:12 PST