Security Tips for the Traveling Netbook, Laptop, and iPad

Updated: April 08, 2010

Labels and Loss Tracking

First the bad news: More than 10,000 laptops were left behind at airport TSA checkpoints in 2008 each and every week. Yes, per week. Even if you make it through the airport, travel of all kinds can be dicey. A few years ago, more than 4,500 laptops were left behind in taxis in the city of Chicago alone. These numbers don't include the thousands of outright laptop and netbook thefts each week.

To discourage theft, many security experts recommend avoiding special laptop carrying bags in general and bags with big logos in particular. Netbooks make following this suggestion easier, since their smaller form factor makes it easy to carry netbooks in briefcases and purses that would never hold a laptop. Few women leave their purses behind at TSA checkpoints, and carrying a briefcase instead of a briefcase and a laptop bag makes it that much easier to keep track of the briefcase.

Although many businesses worry about netbook and laptop thefts, the far more common situation is loss. When lost netbooks are found, almost always by an honest person willing to do a good deed, few can be returned because the owners didn't use loss labels.

Loss label services provide a unique identifying asset tag for netbooks (and laptops, phones, cameras, and any other device worth tracking with the space for a label). The labels show contact information, but for the service, not the owner. If the wrong person finds the netbook, giving them your home or business address may lead to more problems, but the loss label services eliminate that problem.

When the netbook finder contacts the loss label service via phone or Web site, the service arranges for the netbook's return. Finders can drop off the netbook at various locations, such as FedEx/Kinkos or a UPS Store, and the service provides the return shipping arrangements. Netbooks can be retrieved directly from the finder as well.

The two most popular loss label services are StuffBak and ImHonest. Both reward finders for their efforts, usually with free labels for their use. Labels costs a few dollars per small batch of labels upfront and for tracking the first year. Each year thereafter, a small charge per tracked item continues coverage.

When netbooks are targeted for theft, or are found by the less than honest, labels provide no value. In these cases, a tracking service provides the most protection.

Available as a standalone service or as part of a larger security suite, tracking services embed a small application onto the hard disk that connects back to a Web location upon booting or at other set intervals. Standalone services load the application onto the pre-boot loader of the hard disk so it runs before the operating system loads. Connections used to "phone home" include the Internet, WiFi, and 3G data networking.

When a netbook is reported as stolen to the service, the check-in connection is used to track the location of the netbook. Options include the ability to remotely erase sensitive data and even display warning messages onscreen for the thief. As has been reported in the news in early 2010, webcams can be activated remotely to view and capture the image of the person using the stolen netbook.

The leading loss tracking service is LoJack for Laptops, the consumer version of CompuTrace from Absolute.com. They have recovered thousands of lost laptops over the years, and will assist local police by providing boilerplate paperwork for search warrants. Other security and management applications may include a loss tracking module as an option, so check with your current vendor.

Netbook Data Safety and Security

Whether your netbook is lost or stolen, you want to keep the data private. In fact, federal regulations force many companies to follow Data Breach Notification Laws when a lost netbook includes certain data. There are two steps to keep data private: block access to the netbook files with sign-on security, and fully encrypt the disk so no data can be read by unauthorized users.

First, set some type of security to block unauthorized users from accessing your netbook. No, the Windows login username and password is not considered security and will not protect your data against any hacker out of elementary school.

Some large companies will not authorize netbooks for employees because they don't support biometric authentication. In other words, netbooks don't have fingerprint readers currently, and the major netbook vendors in the US (Dell and HP) both say they have no interest in adding them.

However, every netbook has a webcam, and facial recognition software qualifies as biometric security. Lenovo included their VeriFace facial recognition software on a recent line of netbooks, and several other vendors such as KeyLemon offer add-on software. MSI's Wind netbooks can use their EasyFace software to log into Windows as well. Whether large enterprises begin to accept these tools to fulfill their security policies demanding biometric authentication remains to be seen.

Those users with critical data on their netbooks and laptops will realize that authentication utilities can be bypassed by removing the hard disk. Full disk encryption, however, will keep data secure no matter what tricks are tried by data thieves.

Although Windows BitLocker offers disk encryption by folder, only FDE (Full Disk Encryption) meets the security standards for critical data protection. FDE utilities block the operating system from loading by using the pre-boot loader section to launch their protective software (encryption and loss tracking vendors work together and have learned to co-exist on the same hard drive without problems).

All FDE software works on all netbooks, as do all the loss tracking software applications. Corporate security departments have access to a variety of FDE tools. Smaller businesses looking for security on a budget should check out PGP for their low cost encryption, and TrueCrypt for their free, Open Source Software application.

Once your hard disk is protected by full disk encryption, no thief will read your data, period. Security at this level also stops anyone who finds your lost netbook from starting your browser and accessing company sites you have saved in your bookmarks, such as online banking. Accessing company networks over a Virtual Private Network is impossible on a found netbook with proper security.

Some users never copy files to their netbook, instead relying on services like Google Docs to store their files. However, even those people often make local copies for times they can't access the Internet. No matter the policies in place about local file storage, every netbook and laptop have some local files that should be backed up.

For individually owned netbooks or small businesses, consumer products such as Carbonite and Mozy lead the online backup market. Hundreds of other hosted backup companies, such as SpiderOak, also offer a fair amount of free backup storage (usually 2GBs) and a small monthly charge for more online storage ($5 per month or less).

Larger companies with more advanced local backup software utilities will likely enable local backups for netbooks each time the netbook returns connects directly to the company network. While traveling, the backup utility may send new and changed files to a backup location on the company network or to a hosted backup location to ensure data protection while out of the office.

Company owned netbooks, like laptops, should have a disk image stored for fast restoration in case of dramatic disk failure. Individuals or very small businesses with the original operating system and application disks can recreate the original disk image for free, but not quickly. Most local backup utilities now include the ability to make disk image snapshots for fast restoration of a complete hard disk installation.

Related Categories
Featured Research
  • Baselining Best Practices

    IT must ensure new applications are rolled out quickly, reliably, and without risk, while at the same time guaranteeing performance and availability. Read this VirtualWisdom white paper to find out how to achieve application-aligned infrastructure performance, and more. more

  • Next Generation End User Experience Management: APM

    In an era of new technologies and cloud-based application delivery models, your business success depends on your ability to ensure optimal application performance and quality user experiences at all times. This complimentary white paper from AppNeta will enlighten you to the new frontiers in end user experience management and much more. more

  • Optimizing Application Delivery to the Network Edge

    Increasingly, the success of business is being tied to the network. The transformation of the network and IT can help organizations deliver and support highly available applications and services while reacting more quickly to changes in the business environment. In this complimentary white paper from IDC, learn how HP can help its customers and partners improve the overall application experience. more

  • Networking Routers Buyer's Guide for SMB & Enterprise

    This buyer's guide presents an overview of leading products on the market today and aims to improve research for companies needing to purchase or upgrade their equipment. more