I have traveled the world in service to my last employer, schlepping along crates full of equipment, and have not yet had anything stolen or lost.
Several of my co-workers have not been so lucky. iPhones were the most common items to be lost or stolen, most having simply been forgotten in cabs. A few laptops were lifted at meetings, some luggage lost or stolen. One co-worker got his car broken into twice, losing an iPhone the first time and a laptop the second. Same mistake both times: he left them in plain sight in the car, parked on the street.
This article:
Gives a quick overview of how easy it is to get your electronics stolen, and some (but not all) of what is out there to help recover it.
My favorite quote?
"Tales of stolen phones and laptops being successfully retrieved are the exception to the rule."
Keep that in mind. Once it's been taken, getting it back is tough, REALLY tough.
In all truth, the hardware is rarely worth the effort of retrieval. Unless you're talking about a super high-end video editing laptop, or... say... the prototype of your brand new, not yet released, blockbuster device... you're more likely worried about the data on the machine than the machine itself.
There are two major answers to the question of protecting data at rest (i.e., on the machine, not transferring over the network/Internet/tubes/what-have-you). The first is encryption, and the second is remote-wipe.
Oddly, some companies have taken a combined view of this. Apple, for instance, has instant wipe on its i-devices. This is essentially whole-disk encryption with a locally stored key, and the key is all that is wiped. Without the key, the rest of the data is theoretically beyond recall.
This sounds pretty good, fast and simple. However, several security researchers have shown that it's very easy to stop or reverse the wiping of the key, and then you have all the data.
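To make the key-wipe idea concrete, here is a small model added for illustration (it is not Apple's implementation and not code from the article): the Volume class, its key_slot and the sample data are all constructed, and a toy SHA-256 stream cipher stands in for the AES a real device would use. It shows why the wipe only protects the data if no copy of the key survives it.

```python
import hashlib
import hmac
import os

def _keystream(key, nonce, n):
    # Toy stream cipher: SHA-256 in counter mode. A stand-in for real
    # disk encryption, for illustration only.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]

def _tag(key, nonce, ct):
    return hmac.new(key, nonce + ct, hashlib.sha256).digest()

class Volume:
    """Constructed model: ciphertext in bulk storage, key in one small slot."""

    def __init__(self):
        self.key_slot = bytearray(os.urandom(32))  # the locally stored key
        self.sectors = []                          # (nonce, ciphertext, tag)

    def write(self, plaintext):
        key, nonce = bytes(self.key_slot), os.urandom(16)
        stream = _keystream(key, nonce, len(plaintext))
        ct = bytes(a ^ b for a, b in zip(plaintext, stream))
        self.sectors.append((nonce, ct, _tag(key, nonce, ct)))

    def read(self, index, key=None):
        key = bytes(self.key_slot) if key is None else key
        nonce, ct, tag = self.sectors[index]
        if not hmac.compare_digest(tag, _tag(key, nonce, ct)):
            return None  # wrong or wiped key: the sector is unreadable
        return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

    def instant_wipe(self):
        # Only 32 bytes are overwritten; every ciphertext sector stays put.
        self.key_slot[:] = bytes(32)

def demo():
    vol = Volume()
    vol.write(b"Q3 customer list")         # constructed sample data
    surviving_copy = bytes(vol.key_slot)   # a key copy the wipe never reached
    vol.instant_wipe()
    # (read with wiped slot, read with surviving key, sectors still stored)
    return vol.read(0), vol.read(0, key=surviving_copy), len(vol.sectors)
```

After the wipe the ciphertext is still sitting on the volume, so the whole guarantee rests on the key slot being the only copy of the key and on the overwrite actually completing.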
Remote wipe works, generally speaking, OK for phones and other cellular devices. Laptops, however, not so much.
Although I have used remote wipe to kill the odd stolen laptop, it's tough to tell how well it worked. Then again, we were using a roll-your-own approach to the issue. There are purpose-built programs that use dead-man's switch type activation, but then... what happens if you don't log in for a week?
Whole disk encryption is generally better for laptops, but it is not without its own issues. First off is that it definitely causes a hit to performance. It's FAR better than it was 8 years ago when I first started working with it, but it's still noticeable. It also makes supporting the device harder, but that's an annoyance to IT, not the end user. Lastly, I have all too much experience with WDE causing Windows to crash and burn. This is not a Windows-specific issue, it's just that I have more experience with it in Windows than anything else.
Also, remember that the newer machines use SSDs, and there is very very good evidence that nothing is ever truly erased from them, not with a whole disk format, not when you overwrite... pretty much, it's gonna take some thermite and a shovel.
In the end there are no perfect answers, but at least work is being done. The most important thing is to keep in mind what is on the machine, and try not to lose it in the first place.
(easier said than done)
-knowmad