Preventive measures: Stolen Laptop



  • Taking a comment from a friend of mine who recently had her laptop stolen, What are some things that you can suggest to prevent access to the data. Or even recovery.

    Proof of ownership was provided to the Police in the report (SN, photo, etc).



  • If you manage the devices for your friends and family create a Meraki account, and install the tracker on the devices. Enable "Last Location" alerts for when they shut down. Meraki offers this for free (to everyone) full MDM management. It's quite good.

    You could encrypt the data directories or the entire drive. But if the device is shutdown, you'll never be able to track it again. Likely local directory encryption is better for "users".

    The encryption portion (to try and prevent data loss) is only effective to prevent the data from being reviewed though. A backup plan is critical for important information. You can protect it with encryption from unauthorized access.

    A dropbox account or the likes would likely work very well. Especially since you'd be uploaded encrypted data for those "oh crap" moments.



  • Best option is... don't store data on laptops. Assume that they are vulnerable endpoints. Store data on a server, just access it from laptops.


  • Banned

    @scottalanmiller said:

    Best option is... don't store data on laptops. Assume that they are vulnerable endpoints. Store data on a server, just access it from laptops.

    We do this for laptops and desktops. Everything on the server.. That's why we have a VPN (which requires authentication as well).



  • I agree with the encrypting data over the whole drive. I see no reason to encrypt the OS.

    Having a backup plan is critical - especially on some forms of data.... photos that can't be replaced. thesis papers, research, financial data, etc.

    I have FEBE running in Firefox to backup my bookmarks and such to my local computer and to my two cloud locations.
    I'm working on compiling other data for storage, but I dont' have much .. And nothing HIPPA or 'classified'.



  • @scottalanmiller said:

    Best option is... don't store data on laptops. Assume that they are vulnerable endpoints. Store data on a server, just access it from laptops.

    In a business environment - I completely agree. and this should be done not only for laptops,.. but for all devices. Data is owned by the business.

    But in a personal setting,.. not at easy to do since not everyone can afford the setup and running of a private server.



  • If you don't store data on laptops, do you not have problems with users trying to work in places without internet access? Or with flaky internet access?

    I'd always prefer encrypting local storage rather than simply not using local storage.



  • @gjacobse said:

    But in a personal setting,.. not at easy to do since not everyone can afford the setup and running of a private server.

    That seems silly. Laptops are super expensive, having everything hosted elsewhere is cheap. If there is concern over data being stolen, this is the most basic step.

    My niece's $200 Chromebook is 100% "data on a server" and it is all included in the price. People with expensive Windows and Mac laptops have even less excuse because they have tons of money to spend on those things.



  • @gjacobse said:

    But in a personal setting,.. not at easy to do since not everyone can afford the setup and running of a private server.

    Yeah I agree with Scott here.

    Things like OneDrive and Google Drive are free for something like 20 Gigs or more. If you personally have more data than that, you can probably afford to pay something to keep it online.

    Though - these solutions sync with files that are local - so while you won't loose the files, the thief might still have access, so encryption would still be needed.



  • @scottalanmiller said:

    @gjacobse said:

    But in a personal setting,.. not at easy to do since not everyone can afford the setup and running of a private server.

    That seems silly. Laptops are super expensive, having everything hosted elsewhere is cheap. If there is concern over data being stolen, this is the most basic step.

    My niece's $200 Chromebook is 100% "data on a server" and it is all included in the price. People with expensive Windows and Mac laptops have even less excuse because they have tons of money to spend on those things.

    No intention to split hairs,.. My ACER was maybe $500,.. hardly "super expensive".. Now if I had the money for a Panasonic Toughbook,.. that would be different since they range from $2700 to $4000.



  • @scottalanmiller said:

    @gjacobse said:

    But in a personal setting,.. not at easy to do since not everyone can afford the setup and running of a private server.

    That seems silly. Laptops are super expensive, having everything hosted elsewhere is cheap. If there is concern over data being stolen, this is the most basic step.

    My niece's $200 Chromebook is 100% "data on a server" and it is all included in the price. People with expensive Windows and Mac laptops have even less excuse because they have tons of money to spend on those things.

    I don't think that comparing the cost of the end point device (a laptop in this case) to the cost of private server was the way to go here - instead you should be just comparing the hosted data storage solutions versus the private server solution mentioned. The endpoint will be the same regardless.



  • @Dashrender said:

    Though - these solutions sync with files that are local - so while you won't loose the files, the thief might still have access, so encryption would still be needed.

    You would have to turn off local syncing, otherwise data is stored on the local storage, so what's the point?

    Chromebooks, for example, have a local cache. This is great for when you don't have internet access, but isn't a solution to the security issue.



  • @gjacobse said:

    @scottalanmiller said:

    @gjacobse said:

    But in a personal setting,.. not at easy to do since not everyone can afford the setup and running of a private server.

    That seems silly. Laptops are super expensive, having everything hosted elsewhere is cheap. If there is concern over data being stolen, this is the most basic step.

    My niece's $200 Chromebook is 100% "data on a server" and it is all included in the price. People with expensive Windows and Mac laptops have even less excuse because they have tons of money to spend on those things.

    No intention to split hairs,.. My ACER was maybe $500,.. hardly "super expensive".. Now if I had the money for a Panasonic Toughbook,.. that would be different since they range from $2700 to $4000.

    That's super expensive compared to the cost of having data elsewhere. That's 250% the cost of a nice laptop that comes with all data hosting included.. So in relative terms, that's a lot of money.



  • @Dashrender said:

    I don't think that comparing the cost of the end point device (a laptop in this case) to the cost of private server was the way to go here - instead you should be just comparing the hosted data storage solutions versus the private server solution mentioned. The endpoint will be the same regardless.

    What difference does the different costs of hosting cost? The ones most readily available are trivial cost compared to the cost of laptops. It's like buying a car and complaining that you can't afford the seat covers. If you can afford a car, seat covers are back ground in the bank account.



  • @Carnival-Boy said:

    @Dashrender said:

    Though - these solutions sync with files that are local - so while you won't loose the files, the thief might still have access, so encryption would still be needed.

    You would have to turn off local syncing, otherwise data is stored on the local storage, so what's the point?

    Chromebooks, for example, have a local cache. This is great for when you don't have internet access, but isn't a solution to the security issue.

    But it is a solution to the backup problem. So now you have a solution to both.



  • @scottalanmiller said:

    @Dashrender said:

    I don't think that comparing the cost of the end point device (a laptop in this case) to the cost of private server was the way to go here - instead you should be just comparing the hosted data storage solutions versus the private server solution mentioned. The endpoint will be the same regardless.

    What difference does the different costs of hosting cost? The ones most readily available are trivial cost compared to the cost of laptops. It's like buying a car and complaining that you can't afford the seat covers. If you can afford a car, seat covers are back ground in the bank account.

    I see what you are saying - but come on, we're talking about consumers here. They never take a holistic approach to this type of purchase.

    I want to watch all the football games - I gotta have a huge TV.... get the TV home.. oh.. now I guess I need cable, OK go get cable... oh I need the sport package.. get the sports package...

    this is status quo for general consumer.



  • @Dashrender said:

    I see what you are saying - but come on, we're talking about consumers here. They never take a holistic approach to this type of purchase.

    What is the point of asking the question if the answer is.... but users will do the wrong thing anyway? Why ever ask how best to do something if we don't plan on presenting the answer?



  • @Dashrender said:

    this is status quo for general consumer.

    So is not protecting their data. So if we take that mindset.... there is nothing to be done because the average consumer does the wrong thing therefore there is no answer to give.



  • I may have missed the point of this thread. I'm not sure what the cost of public versus private servers has to do with it?

    For consumers I see no excuse these days for not using free services like Onedrive, Google Drive, Flickr etc etc. All my files are stored in Onedrive and all my photos in Flickr. I don't know why anyone would want to store files only on local storage. Apart from anything, most people now have multiple devices which need access to their files - laptop, tablet, phone etc etc.

    Unless you have masses of storage needs (and I reckon 99% of consumers don't), there are loads of places to store your files for free.



  • The generality of that may actually be completely right. But the when the question is asked, as it has been here, it's nice to have an answer.

    I'm also working from a point that the user already has a device. If we are fortunate enough to have a person asking before they make a purchase, they will have many more options.

    But getting back to what I was talking about, why would a consumer ever look at a personal server for backups. A local NAS device maybe, or a USB drive attached to their router, etc. Those options are pretty cheap, but a server - something you'd rarely ever see in consumer's home.



  • @Dashrender said:

    But getting back to what I was talking about, why would a consumer ever look at a personal server for backups. A local NAS device maybe, or a USB drive attached to their router, etc. Those options are pretty cheap, but a server - something you'd rarely ever see in consumer's home.

    Why are we talking about personal servers?



  • Because, this:

    @gjacobse said:

    @scottalanmiller said:

    Best option is... don't store data on laptops. Assume that they are vulnerable endpoints. Store data on a server, just access it from laptops.

    In a business environment - I completely agree. and this should be done not only for laptops,.. but for all devices. Data is owned by the business.

    But in a personal setting,.. not at easy to do since not everyone can afford the setup and running of a private server.

    You mentioned working from a server, gjacobse said fine for a business, but not so for a consumer.



  • @Carnival-Boy said:

    I may have missed the point of this thread. I'm not sure what the cost of public versus private servers has to do with it?

    For consumers I see no excuse these days for not using free services like Onedrive, Google Drive, Flickr etc etc. All my files are stored in Onedrive and all my photos in Flickr. I don't know why anyone would want to store files only on local storage. Apart from anything, most people now have multiple devices which need access to their files - laptop, tablet, phone etc etc.

    Unless you have masses of storage needs (and I reckon 99% of consumers don't), there are loads of places to store your files for free.

    In my case, I have the following:

    • Dropbox
    • Box.net
    • Google Drive
    • OneDrive
    • OneDrive for Business.

    So I at least have some options... And if I take @scottalanmiller suggestion and use of Flickr, then I'll have a place to back up my photos to..



  • @Dashrender said:

    Because, this:

    @gjacobse said:

    @scottalanmiller said:

    Best option is... don't store data on laptops. Assume that they are vulnerable endpoints. Store data on a server, just access it from laptops.

    In a business environment - I completely agree. and this should be done not only for laptops,.. but for all devices. Data is owned by the business.

    But in a personal setting,.. not at easy to do since not everyone can afford the setup and running of a private server.

    You mentioned working from a server, gjacobse said fine for a business, but not so for a consumer.

    Yes, but not a personal one.



  • NTG's file server is on Office 365. Shared, hosted servers, same as I would expect a consumer to use.



  • I have pretty much all my files stored on OneDrive. This scares me slightly, as I'd be screwed if Microsoft "lost" my account for any reason. I keep meaning to setup a system to sync between OneDrive and Google Drive, so that I've got some redundancy if Microsoft or Google decided to screw me over.

    It's on my to-do list, along with fixing the leaking outside tap.



  • @Carnival-Boy said:

    I have pretty much all my files stored on OneDrive. This scares me slightly, as I'd be screwed if Microsoft "lost" my account for any reason. I keep meaning to setup a system to sync between OneDrive and Google Drive, so that I've got some redundancy if Microsoft or Google decided to screw me over.

    It's on my to-do list, along with fixing the leaking outside tap.

    That makes me wonder,.. I know you can tell Dropbox what folder to use. It would be interesting to see if you could tell it to use say your Box.net or Google Drive folder and it would auto sync... with no additional tools, software, scripts or duplicated files....



  • That's likely what I'll try first.



  • @Dashrender said:

    You mentioned working from a server, gjacobse said fine for a business, but not so for a consumer.

    I would like to setup and run a server at home... maybe even with AD and all that. But right now - just not practical.



  • @gjacobse said:

    @Dashrender said:

    You mentioned working from a server, gjacobse said fine for a business, but not so for a consumer.

    I would like to setup and run a server at home... maybe even with AD and all that. But right now - just not practical.

    Do you have an old desktop you can throw some RAM in?