EXPERT RESPONSE
These PC-finder applications are pretty simple. They involve loading a software agent on a laptop that will periodically (when connected to the Internet) phone home and figure out if the device is listed as stolen. In the event the device is stolen, it provides information about the IP address and other network characteristics to assist law enforcement in locating the device. Presumably, this allows the proper authorities to find the device and return it to its rightful owner.
These services do work, as long as the local police are responsive to finding and retrieving the device. Is it worth the investment? There is no generic answer to that. The reality is a machine itself is worth a couple hundred bucks. This is a traditional insurance calculation. Security professionals should figure out the likelihood of their machine being stolen and its replacement value, and then make a decision on whether the insurance is a good bet – especially when there is no guarantee the machine will be recovered.
Another aspect of this decision isn't so much the value of the machine, but the value of the data it contains. If private data is kept on the device, then retrieving it as quickly as possible is critical, unless it has some type of full-disk encryption, so even if it is stolen and not recovered, the data on the computer is not exposed. Of course, if the machine's data is not backed up properly, the data could be invaluable.
Currently many more organizations opt for full-disk encryption over LoJack-type services. So I think it's safe to say that for a lot of organizations, the investment is not worth it.
More information:
|
