Educause Security Discussion mailing list archives

Re: Laptop

From: Kevin Shalla <kshalla () UIC EDU>
Date: Thu, 12 Jun 2008 13:12:46 -0500

Computrace sounds like a very interesting product.  I'm curious about
how you get the machine back.  I can understand how Computrace would
be able to locate to some degree where a machine is (just based on
the IP address), but does it have a GPS or something else to actually
get a physical location?  Does the police then seize the computer
(and hopefully the criminal also)?

At 12:20 PM 6/12/2008, Sherry Callahan wrote:

Safeboot (now called McAfee Endpoint Encryption) is also working on
Mac encryption, with an availability timeframe of 1Q09.

We've been rolling out Safeboot to staff and faculty laptops that
were reported as being used to store or access sensitive information
since early 2007. Very recently, we announced that we are going to
expand the program to include all University-owned laptops (personal
laptops are prohibited from use with sensitive info by policy.)  The
only exception to the personal device rule is that we will be
encrypting the student-owned tablets that they are required to
purchase, as they will be using those during clinic rotations.  When
all is said and done in September, we'll have 1300+ encrypted laptops.

We also install Computrace on every laptop and have been very
successful in working with them to recover stolen laptops.  As one
previous poster mentioned, we've also worked with Absolute to
recover another University's laptop that showed up on our
network.  One thing to know is that having CompuTrace in the BIOS is
what makes it persistent and able to survive a hard drive reformat,
repartition, or drive replacement.  Only newer laptops and those
listed by certain vendors are able to have it BIOS-resident.  That
doesn't mean that you can't install it - just be aware that if the
thief formats the drive and reinstalls Windows, CompuTrace won't be
on there any more.

Also, we ran into a problem with the interaction of Safeboot and
CompuTrace on the same machine, particularly on Vista, because they
are both playing in the master boot record.  The installation order
is key - you need to install CompuTrace first, make sure it goes
active in the BIOS, and then encrypt the laptop.

If anyone is interested, our mobile device security page is at
www2.kumc.edu/security/mobilesecurity and I'd be happy to answer any questions.

Current thread:

Re: Laptop, (continued)
- Re: Laptop Harold Winshel (Jun 11)
- Re: Laptop Harold Winshel (Jun 11)
- Re: Laptop Mike Waller (Jun 11)
- Re: Laptop Allison Dolan (Jun 12)
- Re: Laptop Steven M Werby/FS/VCU (Jun 12)
- Re: Laptop Harold Winshel (Jun 12)
- Re: Laptop Basgen, Brian (Jun 12)
- Re: Laptop Spransy, Derek (Jun 12)
- Re: Laptop Sherry Callahan (Jun 12)
- Re: Laptop Sherry Callahan (Jun 12)
- Re: Laptop Kevin Shalla (Jun 12)
- Re: Laptop Sherry Callahan (Jun 12)
- Re: Laptop Nipper, Johnny R. (Jun 12)
- Re: Laptop KOVICH Greg (Jun 13)
- Re: Laptop Peters, Kevin (Jun 13)
- Re: Laptop Hugh Burley (Jun 13)