Response Speed Is Key with Stolen Laptops - Page 2

More Responsive">

While the process of finding the right law enforcement official to respond to a theft may take some legwork, most police departments and federal agencies are responding more aggressively to the reports, according to Ben Haidri, vice president of business development for Absolute Software, which markets the LoJack brand of laptop tracking tools.

For its part, Absolute Software, based in Vancouver, British Columbia, operates a "recovery team" of former law enforcement workers whose specific job is facilitating interactions with local police departments in the name of tracking down stolen devices.

However, even the smallest company should have better luck trying to work with law enforcement on IT-related issues today than they would have several years ago, he said.

"Law enforcement officials have improved and are now more proactive on computer crimes," Haidri said. "Theyre realizing that computer criminals are becoming more sophisticated, and that these crimes are often related to more traditional criminal activities. This is motivating a faster response in many cases."

One of the most important issues in dealing with any law enforcement agency is having all the pertinent information about a stolen machine on hand, such as the serial numbers of any stolen PCs.

The idea may sound simple, but a surprising number of companies find police departments unable to help them when such basic data isnt readily available, Haidri said.

Another vital piece of work after a laptop theft is figuring out just what type of data was on the device and how likely it is to be accessed, said Joseph Ansanelli, chief executive of Vontu, which markets data recovery software.

Getting a clear picture of the exact information a missing device contained will drive companies next steps in responding to an incident, he said.

"The most important thing when you have a loss is getting a sense of what was on there, because that is going to determine the overall sensitivity of the data, who you have to inform of the loss and whether or not this is going to be a big deal," said Ansanelli.

"In addition to covering yourself or your customers, this is the most crucial information in figuring out how to keep something potentially damaging from ever happening again."

/zimages/4/28571.gifA laptop is lifted from a data providers office. Click here to read more.

Surprisingly, some experts say that companies need to be reminded to follow through on any policy changes or security projects they launch in the wake of a laptop theft.

Even after going trough the pain of multiple incidents, some companies dont pick up the ball and run with their efforts until something truly damaging affects their business, said Bryan Glancey, chief technology officer of device encryption specialist Mobile Armor, in St. Louis, Mo.

"We talk to people in this situation all the time, and unfortunately most refuse to make significant changes to policy until something happens that results in a noticeable financial loss," Glancey said.

"Then you have a lot of people who pledge to become more proactive, but the effort is short lived and they walk away after only a short time; this is the sort of attitude that is going to keep laptop thefts in the headlines for a long time to come."

/zimages/4/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.