Physical security is a huge problem for mobile workers who need to lug their notebook PCs wherever they go. You have to put that case down sometimes, and a moment is all it takes for the computer to disappear.
If you can make the computer useless, a thief has no incentive to keep it. Even better, if you can get your computer to tell you where it is, your chance of recovering it goes way up.
Those are the aims of CyberAngel, an interesting software-only product from Computer Sentry Software (CSS).
When you install the software, CyberAngel asks for your contact information, password and an authorization code. You must enter the password to be considered the proper owner of the computer. A word or phrase you choose as the authorization code is used when you contact the CSS operations center.
After you enter the initial information, CyberAngel connects to the Internet to register your computer. I had trouble registering from behind our firewall, but using a modem, I was able to dial in to the CSS authorization server without any trouble.
Once authorized, you have to enter a CyberAngel password every time you start the computer. You can let the software prompt you for a password, or you can just remember that the first keys you need to type after the system starts must be the password. CSS recommends the latter approach, but I found it easy to forget to enter the password if I wasn't prompted.
If someone doesn't enter the correct password after three attempts, CyberAngel contacts a monitoring server as soon as it's connected to the Internet. The server contacts you by e-mail or fax to tell you someone tried to use the computer. You can also configure it to lock the mouse and keyboard. At that point, your notebook becomes just an expensive doorstop.
What if you screw up and your computer locks up on you? All you need to do is enter the password correctly.
It's true that a thief could boot from a diskette, but if you really want to protect your data, you can buy a version of CyberAngel that encrypts your data and decrypts it on the fly in memory for authorized users.
When I simulated a theft, the incident report I got back from CSS included the IP address I was logged on to, the information about the domain from the InterNIC, and even a map showing that organization's location, all of which would help law enforcement recover the computer.