Laptop LoJack lowdown

GCN Insider | Trends & technologies that affect the way government does IT

Search and destroy: Oakley Networks' SureFind allows administrators to erase data on a stolen laptop.

Like any legislation, the recent laws and policies mandating agency disclosure of personnel data loss are open to interpretation. There is the intent of the law, and then there are the pragmatic things an organization must do to abide by the law. In the case of data loss, an agency could, in some cases and with the right software, find some wiggle room in reporting the actual loss of data.


A couple of companies have introduced software that lets organizations keep track of whether data on a stolen notebook PC has been accessed, in effect allowing their customers to safely say (or, more important, not have to say) that data on a stolen device remains unread by the thieves. SureFind, from Oakley Networks Inc. of Salt Lake City, can report on whether or not data on a purloined computer has been viewed and even erase any remaining sensitive data. Computrace Data Protection, from Absolute Software Corp. of Vancouver, British Columbia, offers similar functionality.


We spoke with Tom Bennett, vice president of marketing for Oakley, to find out how SureFind works. Each notebook contains a monitoring program that, in conjunction with an alteration to the firmware, monitors all user activity on that device. It also checks in regularly with a server within the organization's network. Should the unit be stolen, an administrator can issue commands from the server to the stolen notebook to erase all of its data and file a report on what materials have already been accessed.


Of course, this setup assumes that the stolen notebook is connected to the Internet at some point after the theft. And Bennett admits SureFind offers no resistance to serious espionage, in which someone deliberately steals a notebook specifically for the data, cracks the password and fetches the data in an isolated environment.


Rather, the software helps verify that in cases where the notebook was stolen for cash value or simply lost, the data was not accessed, thus relieving the agency of the embarrassing obligation to publicly report stolen data. So while agencies can reduce the number of 'false positives,' as Bennett put it, they still face the problem of securing data against real threats, a far more difficult problem.


About the Author

Joab Jackson is the senior technology editor for Government Computer News.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected