How widespread is laptop theft?
According to one study, some 2 million laptops are stolen each year.¹ And researchers at the Ponemon Institute estimate that 12,000 laptops are stolen at airports every week.²
For today’s enterprises, with their increasingly mobile workers, these statistics represent serious financial risk in terms of lost hardware and data.
More than ever before, then, enterprises need a reliable way to deter laptop theft and, if theft does occur, the means to disable access to or destroy the stolen data even if the machine is out of reach.
Continue reading this TechBrief to learn how a solution from Symantec that integrates with Intel Anti-Theft Technology (AT) provides IT administrators with intelligent, multi-level protection against lost or stolen laptops and the data they contain.
As data breaches grow more costly each year, it’s not surprising that organizations are responding by stepping up deployments of encryption and other protection technologies. The latest Cost of a Data Breach study by Symantec and the Ponemon Institute found that the use of encryption and data loss prevention solutions has jumped 17% since 2008.³
PGP Whole Disk Encryption (WDE) and PGP Remote Disable and Destroy (RDD) with Intel AT help businesses minimize the risk of data breaches by giving IT the ability to trigger a full system lockdown and seal critical cryptographic materials.
At the simplest level, deploying PGP WDE with RDD powered by Intel AT helps to deter theft because would-be thieves are likely to pass by a laptop that displays a visual deterrent like the Intel AT logo and the PGP WDE logo. As the saying goes, “Why steal a laptop that turns into a brick?”
At the heart of the Symantec/Intel solution is a protected area, physically embedded in each Intel Core processor equipped with Intel AT, where Symantec encryption algorithms can run securely, providing resistance against tampering. Because these security mechanisms are embedded in the hardware, data is protected even if the thief applies extreme measures, such as reimaging the operating system, changing the boot order, installing a new hard drive, booting from an alternative device, or breaking connections with the network.
For example, if a thief removes the hard disk and tries to access it from another computer, the data is encrypted and the information is locked. The only way to access this information is to call the help desk and retrieve a one-time token.
In addition, security-protected local timers can detect suspicious behavior, such as an excessive number of login attempts, an unusually long time before credentials are entered, or failure to check in with the PGP Universal Server. The PGP Universal Server provides a central management platform for activating, configuring policies, and monitoring systems protected by PGP WDE with RDD.
Alternatively, if a user calls IT to report a stolen laptop, an administrator can flag the laptop on the PGP Universal Server as stolen.
Bottom line: Laptops protected this way have local theft and tamper detection mechanisms, and also support remote disable.
When a laptop is protected by PGP WDE with RDD powered by Intel AT, it can check in with the PGP Universal Server as soon as the thief accesses the Internet. The laptop then receives a “poison pill” sent by IT and immediately goes into a special “stolen” mode.
The laptop also sends an acknowledgment to the server that the poison pill was received. This is important for organizations exempt from data-breach notification regulations that contain an encryption “safe harbor.”
Next, the laptop locks critical elements of the decryption security credentials stored in the hardware and disables the system’s boot process. This sequence of events is invisible to the thief until the system is rebooted, at which time unauthorized access will be prevented until the platform is recovered.
If and when a laptop is recovered, reactivation is straightforward: PGP WDE includes support for IT-managed pass-phrase recovery (using a recovery token). PGP WDE also includes support for Intel Active Management Technology, which enables remote access to systems encrypted with PGP WDE.
When it comes to data security, one of the most effective solutions is to combine hardware and software to protect data confidentiality in case of loss or theft. To enhance conventional data protection techniques, Symantec integrated Intel Anti-Theft Technology with its PGP Whole Disk Encryption solution to provide strong security for laptop users. A component of this solution, PGP Remote Disable and Destroy, can render a stolen laptop useless and unreadable by unauthorized individuals. Together, these technologies deliver superior data security and asset protection.
- ¹ “Getting over laptop loss,” Joris Evers, CNET News, June 30, 2006
- ² “Airport Insecurity: The Case of Missing & Lost Laptops,” Ponemon Institute, July 2008
- ³ 2010 Annual Study: U.S. Cost of a Data Breach, Symantec and the Ponemon Institute, March 2011