FRAMINGHAM (02/07/2000) - Notebook computers are obvious and attractive targets for thieves because they're easily concealed, expensive and likely to contain valuable information. Statistics bear this out. Last year, 303,000 notebooks were stolen in the U.S., according to Safeware, The Insurance Agency Inc. in Columbus, Ohio. It's no surprise that a small industry exists to prevent the loss of notebook hardware and data and to help with their recovery. You can lock down notebooks with special hardware or install alarm systems that can tell when portables are being carried out the door without authorization. You can tighten data security by replacing typed passwords with smart cards and biometric authentication or use special software to track down lost computers.
I tried three different approaches that are likely to appeal to senior-level road warriors: a portable alarm, a tracking-and-recovery software/service hybrid and voice-verification software.
It's hard to pick one best approach. I recommend Bellevue, Wash.-based Absolute Software Inc.'s CompuTrace tracking product if you've got a large fleet of notebooks and concerns about loss due to unreturned loans, inadequate asset-management procedures and carelessness. Anaheim, Calif.-based Targus Inc.'s Defcon 1 alarm makes sense if expensive equipment is of equal or greater concern than loss of corporate data. If you're paranoid about carrying around secrets and less concerned about hardware costs, Tampa, Fla.-based SAFLink Corp.'s SAFtyLatch reduces to nearly zero the chances that someone other than you will read your most precious files.
The hardware is what most people value, according to Ken Dulaney, an analyst at Gartner Group Inc. "I've heard of people getting fired for losing things," he says.
Dulaney predicts that fingerprint recognition will be a winner for data loss prevention, but he dismisses theft-prevention gadgets. He says Stamford, Conn.-based Gartner bought an alarm for every notebook user, but they mostly fell into disuse.
"The No. 1 deterrent is training," Dulaney says. "Make employees aware of the dangers, be explicit about their responsibilities and hold them to those responsibilities."
Essex is a freelance writer in Antrim, N.H.
Defcon 1
Targus Inc.
www.targus.com
$49
The idea behind the Defcon 1 alarm, like any theft alarm, is simple: Scare and embarrass the perpetrator while exposing his identity to bystanders. Gartner analyst Ken Dulaney says the problem with such alarms is that they're too likely to embarrass their owners if used incorrectly. To remedy this, Targus recently changed Defcon 1 to incorporate both high and low sensitivity levels, so it goes off within two and eight seconds, respectively, of detecting excessive motion. Before reaching that "alarming" stage, it'll chirp at every bump and vibration. The old version went off immediately, and people complained, Targus acknowledges.
To arm the battery-operated Defcon 1, which is the size of a cell phone, you thread its adjustable 4.7-ft. cable through a metal loop on your carrying case or through the included Security Lock Adapter, which plugs into the little lock slot on most notebooks. Dial your four-digit combination, plug the other end of the cable into the lock port, press a button once or twice, and the Defcon 1 flashes an LED to tell you it's working. If triggered, the alarm sounds for 45 seconds, and the Defcon 1 rearms itself. You turn the alarm off by dialing your combination and pressing a release button. The Defcon 1 can also be a plain old lock and cable, a whole theft-prevention category by itself, but with the advantage of sounding the alarm if anyone tries to cut the cable or tamper with the setup.
My Defcon 1 worked exactly as advertised. The directions are clear, and it takes only seconds to understand how to work the few moving parts. And oh, yes, the 110db alarm is loud and piercing, and not much quieter if you try to muffle it with your hand.
CompuTrace 6.21
Absolute Software Inc.
www.absolute.com
$79
CompuTrace is a lot like LoJack for computers. But unlike the radio-based service for tracking down stolen cars, CompuTrace sends its "here-I-am" signal over phone lines (just-released Version 7.0 also uses the Internet) to Absolute Software's offices. A 64KB program, which the company says can't be deleted, stealthily detects the presence of a phone line and calls a monitoring center every seven days, without making a sound or changing the screen. My phone's indicator lights showed something was happening, but that was all. Absolute Software says it's working to control all external indications of the call.
CompuTrace also doubles as an asset-tracking program, since many notebooks aren't actually stolen, just misplaced. You go to a special site to view the electronic serial number, model name, manufacturer's serial number and other identifying information you choose, for each system that has the software.
Phone numbers recently dialed from the system can give you an idea where the misplaced machine may be. Report a unit stolen, and a recovery team works with law enforcement officials to find it at no extra charge, sneakily downloading to the system instructions to dial in every 15 minutes or so.
CompuTrace can be tricky to set up because it sometimes requires new modem and Windows telephony settings. But it's a feasible theft-recovery tool that also makes a handy asset tracker for information technology.
SAFtyLatch 1.05
SAFLink Corp.
www.saftylatch.com
$59.95
Biometric security replaces alphanumeric passwords with unique personal characteristics, such as fingerprints or iris patterns, and it's poised to take off. Standards are in the works, and IBM, Intel Corp. and Microsoft Corp., among others, are getting behind it.
Until notebooks have fingerprint readers built in, perhaps later this year, one of the more practical biometric security approaches is voice-verification products that use the notebook's microphone and sound card. I looked at SAFtyLatch, which also comes with a microphone in case your notebook lacks one.
SAFLink's software also works with other types of biometric input.
SAFtyLatch sets up quickly. You install the files, test the microphone, record, "My voice is my password" three times, then verify the recording one final time. Verification software from Ieper, Belgium-based Lernout & Hauspie Speech Products NV, which develops speech-recognition software, analyzes the recording for unique patterns. From then on, instead of typing a password, you speak the phrase (your "SAFtyPIN"). If it matches the approved pattern, you're in; anyone else gets rejected. SAFtyLatched file folders are encrypted with ultra-secure 448-bit Blowfish technology, although it's not possible to secure individual files.
I got two false rejections, less serious than false positives and no more inconvenient than mistyped passwords. SAFtyLatch is also an easy way for home users to keep kids from accidentally deleting important files, and you can set up multiple SAFtyPINs. It's more secure and easier to manage than traditional passwords, and a lot more fun besides.