Physical Lockdown

The physical theft of mobile computers is a pretty big problem, with around 400,000 laptops a year stolen in the United States.

Like other kinds of computer crimes and security breaches, in a great many physical mobile computer thefts insiders are responsible. Typical insiders include employees, temporary workers, and contractors.

The moral is to be leery about leaving your laptop lying around, either in the office or when you are traveling. This sounds like pretty obvious advice, but what if you just don't want to lug it around with you?for example, to go on a bathroom break during a convention?

A common and relatively inexpensive security device to deal with this kind of situation is the cable lock. The manufacturer of the cable lock provides a way of attaching the lock to the computer. (Often the lock plugs into a port on the laptop, with a security mechanism preventing its removal without the key). The cable then loops around a stationary item, such as a desk leg.

Cable locks can be had for as little as $20 to $30. Probably the best known cable lock manufacturer is Kensington, In some cases, the manufacturer of the cable lock guarantees the laptop attached with the cable lock.

The problem with cable locks is that they can easily be cut using bolt cutters available in any hardware store. To add another level of security, you can use a cable lock alarm, such as the Defcon, made by Targus. Targus,, best known for its mobile computer cases, makes a number of different cable lock alarms for as little as $40. These alarms make a huge racket when the cable is tampered with.

Targus also makes a PC Card, the Targus Defcon Motion Data Protection (MDP) card, that slips into the PC slot on your laptop. This card, which sells for about $100, provides double-barreled protection. First, it sounds a loud alarm in response to motion (so it works as a physical theft inhibitor). The card also encrypts the computer, with PIN access (this encryption inhibits data theft as well as physical theft).

When the alarm has been triggered (because the card encounters unauthorized motion), a second, 16-digit PIN is required to gain access to the computer's operating system and files.

If you are going to be carrying around important, confidential data on your Wi-Fi?enabled mobile computer, this sounds like a pretty good investment to me!

There are quite a few solutions along the lines of the Targus MDP card that get more and more complex. Some of these schemes include biometric scanning devices?to authenticate you as the owner of your mobile computer. In other schemes, wireless technology is used to maintain a series of "leases" that keeps the mobile computer going. If the mobile computer fails to obtain a lease for a certain period of time, it stops working, and encryption is engaged. With these schemes, generally a cell phone call can also trigger arming of the defense mechanisms.

Companies that sell sophisticated defense systems along these lines include CoreStreet, Digital Persona, Keyware, RSA Security, and Vasco.

Typically, these are complex (and costly) solutions, more suitable for an enterprise than for an individual. But if you are involved in travel with mobile computers that store important and sensitive information, you might want to consider taking this next step.


Sophisticated data protection schemes may protect the data on a mobile computer, but they will not prevent the theft of the physical machine. Even if a machine is data-locked, the victim of the theft is unlikely to ever get the machine back.