Computrace Laptop Security Solutions




                     Author:   Abdollah Shirvani
                               S...
Endpoint Security Defined
Endpoint security is a security strategy that emphasizes distributing security
software onto end...
Ten Steps to a Layered Approach to Laptop Security
Here is a quick checklist of best practices for protecting data on mobi...
Contingency plans for security should be integrated with the organization’s overall
disaster recovery plans.


9. Use asse...
How Computrace Works




Figure 1

The Computrace Software Agent is built into computers from the world’s leading
computer...
Figure 2




Figure 3
Computrace has to date to resolve these issues yet I still receive gimmicky alerts. I
had originally wanted to pull their ...
2- Computer readiness
3- Outdated Anti virus Definition




4- Deta Delete summary
5- View /Mange Alerts




The Computrace® Agent
The Computrace® Agent is a small software client that can be embedded into...
Computrace Agent can survive operating system re-installations, hard drive reformats
and even hard drive replacements.
The...
Absolute Tracking and Recovery service and activates the Computrace BIOS support
module, then the extra level of security ...
The Computrace BIOS support module is shipped disabled and turned off from the
manufacturer. Once the customer installs th...
Phoenix And Absolute Software Combine to Make PCs
Secure From the Start With Built-in Asset Recovery and Tracking
About products:

The Computrace suite of software products provides a robust, multi-layered
security solution to enable or...
Computrace Plus - Theft Recovery & Essential ITAM
Computrace® Plus provides Computer Theft Recovery, Data Protection and b...
subscription to the monitoring service, making it an excellent tool to protect your
notebook from theft.

Key Features


 ...
References:
1- “SearchSecurity.com Definitions,” December 17, 2007, SearchSecurity.com
2- “Are Fortified Notebooks the Ans...
Computrace Laptop Security Solutions
Upcoming SlideShare
Loading in …5
×

Computrace Laptop Security Solutions

1,558 views
1,477 views

Published on

Computrace Laptop Security Solutions, Research by Abdollah Shirvani

Published in: Education, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,558
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
19
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Computrace Laptop Security Solutions

  1. 1. Computrace Laptop Security Solutions Author: Abdollah Shirvani Shirvani.86@Gmail.com Research for Ramiran Co, Tehran, Iran, 2008 Introduction: A worldwide shift towards the use of mobile devices coupled with recently-enacted Data breach legislation has created a new challenge for IT organizations: balancing The enhanced productivity of mobile computing with the requirement to protect Sensitive information from data breach. Many organizations have tackled mobile Computer security with corporate policy, others with encryption technology. Both Strategies are heavily reliant on end-user diligence to remain effective. Only the Introduction of end-point security – the ability to force mobile computers to secure Themselves – offers end-users the freedom to embrace mobility and IT departments Robust protection for sensitive information.
  2. 2. Endpoint Security Defined Endpoint security is a security strategy that emphasizes distributing security software onto end-user devices such as mobile devices or laptop computers while retaining central management over the security software.1 traditionally, organizations used corporate firewalls and other intrusion detection systems to protect corporate networks from potentially compromised endpoints. In today’s laptop-dominated environment, endpoint security strategies place the responsibility for security on the device itself. This next generation of security strategy is already common in the form of anti-spam filters, desktop level firewalls and anti-virus software programs. Recognizing that organizations cannot rely on end-users to consistently follow IT policy or diligently apply security software, endpoint security seeks to eliminate the requirement for end-user involvement to be effective. The Layered Approach Single point solutions – such as encryption alone – are no longer enough to adequately protect an enterprise from all points of attack. IT departments getting by with minimal compliance protection expose themselves to unnecessary risks and potential liability. To reduce exposure and ensure full compliance with government regulations, a multifaceted or layered approach to mobile security and data protection is recommended, comprising Compliance, Protection and Recovery (CPR). Some of the steps involved in CPR include: Real-Time Asset Tracking – The ability to track in real-time every mobile Asset connected to an internal network or the Internet, and provide dynamic reporting, which helps with regulatory compliance. Data Encryption – The ability to protect mobile data from unauthorized Parties. Remote Data Delete – The ability to remotely delete sensitive information from a lost or stolen mobile device through commands issued centrally. Audit Logs – The ability to produce defensible records that can verify what sensitive information was lost or stolen, its encryption status and the Last known location of the mobile asset. Theft Recovery – The ability to locate and recover a lost or stolen Notebook over the Internet to assist law enforcement in retrieving stolen Hardware.
  3. 3. Ten Steps to a Layered Approach to Laptop Security Here is a quick checklist of best practices for protecting data on mobile Assets: 1. Understand the risks. As organizations open up their networks to their mobile work force, to partners, customers and others, they expose themselves to greater security risks than they encountered when traffic c was mostly internal. 2. be proactive. If you cannot identify the weaknesses in your network’s security, someone or something will find those vulnerabilities for you. Educate yourself on the tools and techniques used today by cyber criminals as well as other security risks. Data security is a moving target that requires ongoing attention. 3. Use cable locks on laptops as visual deterrents. Truth be told, most cable locks can be ripped off the plastic exterior of a laptop with a strong tug. Cable locks are therefore akin to ink-filled garment security tags in clothing stores: they leave a mark when removed by force, but are ineffective at preventing many thefts. 4. Avoid leaving unsecured notebooks unattended. Lock them in cupboards, notebook carts or other secure facilities when not in use. If they must be left in a vehicle, they should be covered up or locked in the trunk. 5. Keep laptops inconspicuous. Laptops should be carried in inconspicuous Carrying cases, such as backpacks or tote bags, instead of tell-tale laptop bags. 6. Install anti-virus software and firewalls. Prevent unauthorized access And protect valuable information with data encryption software. Keep all software products updated to the latest versions or patches to help minimize security holes. Ensure web servers, operating systems and line of business applications are fully patched. 7. Back-up valuable data on a scheduled basis. Data back-up needs to happen frequently to minimize the risk to the organization in the event of loss. 8. Create a contingency plan. Identify possible damage should a breach in security occur; also consider how customers would be served in the event of catastrophe.
  4. 4. Contingency plans for security should be integrated with the organization’s overall disaster recovery plans. 9. Use asset tracking and recovery software. Install an asset tracking and recovery tool such as Computrace Complete to track and recover computers that are lost or stolen, and monitor any changes or disappearances in computer memory, hard drives or peripherals. 10.Invest in advanced data protection. Computrace Data Protection allows customers to track fixed, remote and mobile computer assets and remotely wipe sensitive information in the event that a computer is lost, stolen or nearing the end of its lifecycle. About Absolute Software Absolute Software Corporation (TSX: ABT) is the leader in Computer Theft Recovery, Data Protection and Secure Asset Tracking™ solutions. Absolute Software provides organizations and consumers with solutions in the areas of regulatory compliance, data protection and theft recovery. The Company’s Computrace® software is embedded in the BIOS of computers by global leaders, including Dell, Fujitsu, Gateway, HP, Lenovo, Motion, Panasonic and Toshiba, and the Company has reselling partnerships with these OEMs and others, including Apple. For more information about Absolute Software and Computrace, visit: www.absolute.com or http://blog.absolute.com. According to Asbolute’s advertisement: LAPTOP SECURITY PREVENTS LAPTOP THEFT. Computrace is laptop security and tracking software which deters laptop theft and recovers stolen computers. Guaranteed. Absolute also provides software inventory, computer inventory, PC inventory, PC audits, IT asset management, asset tracking, software license management, and data security tools and services.
  5. 5. How Computrace Works Figure 1 The Computrace Software Agent is built into computers from the world’s leading computer manufacturers during the manufacturing process. Customers activate Computrace when they purchase a subscription to Absolute’s endpoint security solutions. When a computer protected by Computrace is reported stolen, the embedded Computrace agent sends a silent signal to Absolute’s Monitoring Center providing critical location information. Absolute then works with local law enforcement to recover the computer. If the missing computer cannot be recovered within 60 days, the Computrace customer may be eligible for a Recovery Guarantee of up to $1,000. The stealthy Computrace Software Agent can survive accidental or deliberate attempts at removal or disablement. With embedded support in the BIOS of a computer, the Computrace agent is capable of surviving operating system re- installations, as well as hard-drive reformats, replacements and re-imaging.
  6. 6. Figure 2 Figure 3
  7. 7. Computrace has to date to resolve these issues yet I still receive gimmicky alerts. I had originally wanted to pull their card and offer them the opportunity to find my machine and wipe it if they could, but my corporate attorney did not want me to bust their chops. I did ask them for a list of addresses I had logged in from and they first gave me a Department of Defense IP CIDR range to my amusement, they then returned an ISP in New Hampshire’s block to more amusement, but they never answered the core problems. So for the corporations out there looking to solve their woes with this program, I can tell you firsthand it is not all that .Absolute. And it can be defeated easily. If you.re trying to protect your information from theft follow SANS guidelines and have your IT staffs get a clue on encryption. Perhaps wait until Absolute gets their act together. Your money waste it as you.d like. Computrace customer center Computrace customer center include bellow part: 1- Computer summary
  8. 8. 2- Computer readiness
  9. 9. 3- Outdated Anti virus Definition 4- Deta Delete summary
  10. 10. 5- View /Mange Alerts The Computrace® Agent The Computrace® Agent is a small software client that can be embedded into the BIOS firmware “at the factory”, or installed like most software applications onto the hard drive of a computer. When embedded in the BIOS of computers by major OEMs, such as Dell, Fujitsu, Gateway, HP, Lenovo, Motion Computing, Panasonic and Toshiba, the
  11. 11. Computrace Agent can survive operating system re-installations, hard drive reformats and even hard drive replacements. The ability to withstand these changes is critical in order to survive unauthorized removal attempts as well as work seamlessly with customers' break/fix and IMAC (Install/Move/Add/Change) processes. Here's How It Works The Computrace application is loaded on the hard drive of a computer while support for the Computrace agent is embedded in the BIOS or firmware. If the hard drive is reformatted or replaced, the Computrace Agent support in the BIOS rebuilds the necessary application files on the hard drive as required by the customer. The Computrace® Technology Platform is the client/server architecture that delivers Absolute Software’s Computer Theft Recovery, Data Protection and Secure Asset Tracking™ services. Thanks to the hands-free communication (over IP or PSTN) between the secure, patented Computrace Agent client and the Monitoring Center server, Absolute’s security services are exceptionally easy to manage on all computers across the enterprise. Systems Supported Computrace is supported on 32-bit versions of Windows 2000, XP, Windows Server 2003 and all 32 and 64 bit editions of Windows Vista. Computrace is also supported on the following Apple platforms; Mac OSX 10.2, 10.3 and 10.4. (Please note that compatibility requires Computrace Agent version 804 or above) Computrace Embedded BIOS Support Absolute has partnered with leading computer manufacturers, such as Dell, Fujitsu, Gateway, General Dynamics, HP, Lenovo, Motion Computing, Panasonic and Toshiba to add an extra level of security, persistence and support for the Computrace agent. The Computrace BIOS support module is shipped disabled and turned off from the manufacturer. Once the customer installs the Computrace Agent, pays for the
  12. 12. Absolute Tracking and Recovery service and activates the Computrace BIOS support module, then the extra level of security and firmware persistence will be activated. Embedding support for the Computrace agent into the BIOS provides customers the highest level of persistence and allows the Computrace agent to survive operating system re-installations, hard drive reformats and even hard drive replacements. The ability to withstand these changes is critical in order to survive unauthorized removal attempts as well as to work seamlessly with customers' break/fix and IMAC processes. The Computrace BIOS support placement provides our customers the best performing computer theft recovery, secure asset tracking and data protection services available on the market today. Manufacturers, Makes and Models Supported The following is a list of the computer manufacturers, makes and models that provide Computrace embedded support in the BIOS. New lines of computers are added on a regular basis – if there is a particular computer make/model you are interested in, please be sure to ask an Absolute sales representative. For older computers or computers not listed below, a BIOS Flash may be available; a sales representative will be able to advise you on the models.
  13. 13. The Computrace BIOS support module is shipped disabled and turned off from the manufacturer. Once the customer installs the Computrace Agent, pays for the Absolute Tracking and Recovery service and activates the Computrace BIOS support module, then the extra level of security and firmware persistence will be activated. For active Computrace BIOS support modle we need to understanding the laptop serial number:
  14. 14. Phoenix And Absolute Software Combine to Make PCs Secure From the Start With Built-in Asset Recovery and Tracking
  15. 15. About products: The Computrace suite of software products provides a robust, multi-layered security solution to enable organizations to address issues of regulatory compliance, data protection, computer theft recovery and asset tracking. Computrace Complete - Ultimate Laptop Protection Computrace Complete, Absolute’s flagship product, is a comprehensive solution that combines Computer Theft Recovery, Data Protection, Secure Asset Tracking and the peace of mind offered by a Recovery Guarantee. Computrace Complete allows IT administrators to centrally manage corporate IT assets by monitoring computer movement, call history, asset leasing information and software license compliance. It also offers up to a $1000 Recovery Guarantee if a stolen computer cannot be located within 30-60 days. An optional Data Delete service is also available. Computrace Data Protection - Remote Data Deletion Computrace Data Protection allows customers to track stationary, remote and mobile computer assets and remotely wipe sensitive data if the computer is lost, stolen or nearing the end of its lifecycle. The product is centrally managed by the IT department, providing visibility for up to 100% of their connected computer assets.
  16. 16. Computrace Plus - Theft Recovery & Essential ITAM Computrace® Plus provides Computer Theft Recovery, Data Protection and basic Secure Asset Tracking™ reports. Computrace Plus enables IT professionals to track their organization’s computer assets, recover lost or stolen machines and remotely wipe sensitive data if a computer is lost, stolen or nearing the end of its lifecycle. Absolute Track - Superior IT Asset Tracking Absolute Track is an ideal Asset Tracking solution for corporate, government and education environments. Traditional asset management systems can lose track of IT assets such as laptops when they disconnect from the LAN or drift to unknown locations. With Absolute Track, the Computrace agent installed within the laptop reports changes in asset information on a daily basis regardless of location, allowing IT departments to centrally manage their entire computer population, including remote and mobile assets. Computrace LoJack for Laptops - Theft Recovery for Consumers Computrace LoJack for Laptops is the leading solution for Computer Theft Recovery for home office, small business and consumers. Computrace LoJack for Laptops includes a money-back guarantee and provides users with peace of mind when it comes to their home computers. The Computrace LoJack for Laptops for Windows (1-Year Subscription) from Lo Jack is an anti-theft security software package that installs on your computer. Computrace transmits data back to Lo Jack on the computer's location based on its IP address. The software runs in the background and requires a user password to be removed, making it difficult for a thief to uninstall from a computer. Lo Jack will work with local police to locate a stolen computer. The software features a 1-Year
  17. 17. subscription to the monitoring service, making it an excellent tool to protect your notebook from theft. Key Features Laptop Recovery Lo Jack recovers over 90% of notebooks that are reported stolen with their Computrace software system. In contrast, police report that approximately 97% of laptops that are stolen are never recovered. Having Computrace installed on your computer dramatically increases your chances of getting it back. IP Tracing Computrace uses a computer's IP address -- it's unique address on the Internet -- to trace its physical location. Once a notebook is reported stolen the software will transmit its location to Lo Jack every 15 minutes. 1-Year Subscription The software comes with a 1-Year subscription to the Lo Jack service. You can extend the subscription when the terms expire, ensuring protection of your computer for its entire life-cycle. Absolute Software statistics Absolute Software works with law enforcement agencies to recover lost and stolen computers and to provide evidence for the prosecution of thieves. Recovering stolen computers is an important step in laptop and data security practices. Absolute Software has now returned 5000 stolen computers - that’s 5000 computers whose data has been secured, that don’t need to be replaced, and that help put laptop thieves behind bars. Some statistics about laptop security:  The theft rate of business computers is 3.5% - 5%. With Computrace, this drops to less than 0.5%  97% of stolen computers are never recovered  Absolute Software recovers an average of 50 laptops per week  Absolute Software recovers 3 out of 4 stolen computers
  18. 18. References: 1- “SearchSecurity.com Definitions,” December 17, 2007, SearchSecurity.com 2- “Are Fortified Notebooks the Answer?,” May 19, 2006, Processor.com. 3- “2007 Annual Study: US Average Cost of a Data Breach,” November, 2007, Ponemon Institute, LLC 4- “The Inside Job,” August 13, 2007, Information Age 5- “Bill 1386 Chaptered” February 12, 2002, California State Senate 6- “2007 Annual Study: US Average Cost of a Data Breach,” November, 2007, Ponemon Institute, LLC 7- “Research Concepts Computer Security Survey Commissioned by Absolute Software,” September, 2007. 8- Ken Bates and Chelle Pell, “Keeping You and Your Property Safe: A Guide to Safety and Security on the Stanford Campus,” Stanford University Department of Public Safety, http://ora.stanford.edu/supporting_files/keep_safe.ppt. 9- “Survey of 400 Absolute Software Corporate Customers” June, 2007, Absolute Software 10- “Seagate Targets Data Theft with Encrypted Hard Drive” September, 2007, Dark Reading 11- “Forrester Loses Laptop Containing Personnel Data” December 2007, week 12- “Two Charged in VA Laptop Theft” August 2006, CSO 13- “BCBSM Responds to Protect Members Affected by Security Incidents” July 2007, BCBCM Corporate Website 14- Please visit http://www.absolute.com/PDF/EULA.pdf for full terms and Conditions. 15-list of BIOS-supported computers visit www.absolute.com/BIOS

×