Oakley Networks is expanding its insider threat protection tools by offering software that can locate missing laptops and wipe their hard drives remotely.
Once installed on a laptop, Oakleys SureFind acts as a locator beacon if a laptop is reported stolen. The software “calls in” to Oakley and reports any activity that has happened since the theft, including information about downloads and logins.
Although there are other locator applications on the market, Oakley feels the SureFind is unique because of the level of discovery that can be attained. If a company finds that no data has been taken, it does not have to report the breach, and data can be removed quickly.
Lost and stolen laptops have resulted in some high-profile information leaks over the past few years, the company noted, and data protection regulations require that such incidents be reported if a company discovers that the information has been exposed.
“If you find out that the laptops data hasnt even been accessed, it can keep a company from becoming the next headline,” said Tom Bennett, Oakleys vice president of marketing.
The application works even if a new system has been installed, he added. Oakley does not expect SureFind to be a replacement for hard disk encryption, but to act more like an insurance policy against risk.
SureFind is being touted as part of Oakleys “Total Behavioral Visibility” insider threat mitigation suite. The product line includes endpoint monitoring and a behavioral analysis appliance, and is targeted at Fortune 1000 and government agencies.
“The suite helps a company discern between whats malicious and whats inadvertent,” says Bennett. “Its designed to eliminate false positives.”
One limitation to the SureFind technology is that a laptop has to be connected to the Internet to be found. If a thief decides to download data onto an external device, and never ends up attaching it to a Web-enabled connection, SureFind will not be able to locate it or to erase any data.
The company is working on additional technology that will lower this type of risk, Bennett noted. Future iterations could include controls like automatic data erasure if a user doesnt sign in for a week, for example, or if there are several incorrect password attempts within a certain timespan.
“The main goal were working toward is to remove laptops from any type of risk,” said Bennett. “We want stolen laptops to be rendered into useless bricks. That will make thieves think twice about stealing them.”
