Free Laptop Tracking

[SecTrainer]

Check out Prey laptop tracker - free for up to 3 computers, or Pro account (fee) for more computers and/or more advanced features. Pro accounts scale all the way up to corporate level.

Prey not only provides tracking but also can execute selected actions such as taking photo of thief, sounding alarm, displaying an alert message on the screen ("This computer is stolen and is being tracked..."), locking the computer, etc....

http://preyproject.com/ - check out the video.

Of course, Prey is strictly software based so it would be defeated if the thief formats the hard drive (most thieves either don't bother or don't know how because then they have to install a new OS if they want to sell the laptop). For something more robust that can't be defeated that easily, you'd want to check out something like LoJack for laptops. You need to purchase or own one of the many laptop models that LoJack works with.

One thing that's interesting about Prey (and not offered by commercial products like Interguard's Laptop Cop) is that you can either use their service for tracking or set up your own server (which you might want to do in a corporate setting). For personal or small business purposes, you'd just use their tracking service.

[HotelSecurity]

I can not remember the last time we've had a laptop reported stolen in the hotel. I think it's been over 2 years.

Any guesses why? Probably because of the excellent Security

[N. A. Corbier]

All the laptops I have are Dell for Federal Government, so they have TPM and Computrace onboard. Computrace is a hardened solution resident in BIOS, which allows the computer tracking software to survive reformatting of MS Windows. I'm unsure if my copy (As installed in the Dell BIOS) of Computrace works with Windows 7, as the laptops are all Designed for Windows XP.

Prey, and options like it, are good for attempting to get your PC back. However, its an extremely good idea to protect the data on the drive from getting out into the wild. Here at Ground Zero, we require that our laptops connect to a Corporate VPN to access company files. This is not for security. This is for centralization of data. Even if you're accessing everything remotely through a Corporate VPN, some programs (Office...) will store data files locally on the drive.

Using various data forensics tools, or even simple programs to unerase files, a laptop thief can still access the confidential data that your trying to protect by sending it over a secure VPN connection.

Your best bet is to limit the amount of confidential data that is contained on laptops, have all of your laptops using secure encryption throughout the system drive, and using secure containers for high security data.

The TrueCrypt program is one (that I personally use) to secure the hard drive of all work laptops. This means that if the laptop is powered down, suspends to sleep, or hibernates, you must type a 40+ character password (Please make it 40+ characters, your data security depends on it) to get back into the HDD.

Again, however, even if you're running TrueCrypt on all your drives, accessing the internet through a secure VPN connection so that no data is sent unencrypted, it is still a best practice to ensure that operational data doesn't end up on the sales guy's laptop.

[SecTrainer]

HS - no, it's because your hotel is too low-rent to attract guests who carry laptops!

Just kidding, buddy.

Nate - do you activate system "master" (BIOS) passwords? I have a lot of mixed feelings about the benefits versus the potential admin headaches with doing that.

[N. A. Corbier]

Don't need to. One Computrace is turned on in the BIOS, the options disappear from BIOS and the laptop is permanently on. I don't bother with BIOS passwords, but you do have to type a very long password to turn the damn thing on any laptop that has a copy of Quickbooks (TrueCrypt).

Technician laptops "merely" require smartcard (In this case its a USB stick) with PKCS #12 certificate to connect to the VPN, and are loaded with minimal software.