Absolute Software Corp. is adding new functionality to its flagship laptop management and theft recovery software which will allow IT administrators to start the process of remotely deleting or locking a stolen laptop via an SMS.
The Vancouver-based security firm announced the new SMS feature as part of the latest upgrade to its Computrace product — software which allows IT staff to track laptops and remotely delete their data if lost or stolen. The Computrace software is embedded in the firmware of their customers’ laptop computers and routinely makes a “check-in call” to report back its location.
The new feature, which Absolute is calling “Monitoring Center Initiated Calling,” means that Computrace customers will not have to wait for this check-in call, and instead, can trigger this process through a text message.
After the command to “phone home” is triggered by SMS, IT staff can view the exact location of the device, delete any sensitive data they wish, or activate Intel Anti-Theft Technology locking.
This functionality will only work, however, if the lost or stolen device is turned on. If the laptop is turned off, the command will not be received until the next boot up.
Absolute CEO John Livingston said the ability to force a “phone home” will give his customers yet another tool in their arsenal to respond to potential data breaches in real-time. He added that the more quickly a company can deal with a lost or stolen laptop, the less likely a significant data breach will occur.
Ramon Krikken, an analyst with the Burton Group’s security and risk management division, said that while the feature is a nice addition for customers already using the technology, it probably won’t be a major selling point for most enterprises.
“From my perspective, this is not the reason that somebody would just go out and buy it,” he said. “If they’re serious about data protection, they will need to be deploying some kind of encryption.”
If a device is encrypted, he said, the need to remotely wipe it would be less important.
But as netbooks become more prevalent and more mobile employees start “walking around with them and not shutting them down,” the encryption capabilities will become only marginally effective and, in turn, the SMS functionality becomes useful, Krikken said.
He added that the feature would also come in handy at medical or law enforcement agencies that use devices that are “always-on.” Krikken listed emergency management services and hospitals as organizations that might find the “phone home” capability useful.
Of course, a very determined attacker will be able to find a cellular dead zone after seizing an important laptop device and could render the functionality useless that way, he said.
Another potential issue could arise if more security firms start to implement this type of functionality, Krikken added. While the Absolute feature does not appear pose any new dangers, the more in-bound connections, such as SMS, you allow into your system, the more vulnerable it can become to other types of attacks, he said.
This would arise if a company, for example, introduced a feature that allowed you to directly remote wipe a device via SMS, Krikken said.
The new SMS feature, which Absolute said could also be triggered via the Web, will be available later this month and will be free of charge.