Controlling Your Company's Computer Assets

With rising costs to replace laptops, does computer hardware asset management deserve a closer eye?


It probably will hit home for you, as well. There are scores of incidents of computer theft that happen every day, and with today's laptops and desktops easily costing over $2,000 - and that's without the cost of reinstalling new software and the cost of the downtime - it's a theft that can hit your business hard. Take a few recent examples:

  • Wesley College, Australia: $120,000 in expensive laptops and other computer equipment stolen
  • San Jose Medical Group: two stolen computers, with loss of patient databases with social security numbers and medical information
  • Sikorsky Aircraft: loss of 20 or more computers, valued at $200,000, plus loss of proprietary information, software
  • Austin Public Schools: $500,000 in stolen high-tech equipment, much of it computers, by a theft ring

If those aren't enough to make you concerned, then just wait. It's likely one of your company's employees will be hit, whether it's an office break-in or a theft of a business traveler's laptop. And that's an expensive proposition. According to a 2002 report from the Computer Security Institute/FBI Computer Crime and Security Survey, a single laptop theft will result in an average business loss of $89,000, making the actual hardware just a fraction of the total cost.

SecurityInfoWatch.com recently spoke with Absolute Software CEO John Livingston to discuss computer loss, and according to Livingston, not all computer loss is directly attributable to computer theft.

"Companies are up against computer drift," says Livingston. "On average over two years, 15 percent of notebooks can't be returned after two years. Half of that is theft; half is computer drift."

Drift is what happens, he explains, when a computer is reassigned without any information recorded about to whom it was passed along. Some computers end up with other employees. Some end up at locations off the network such as at home. And some are loaned out to contractors, making it all the more difficult to find where the computer is.

But the theft portion of computer loss is even more dramatic - because it might mean that your company's data could end up in the wrong hands. So where are these thefts occurring?

"Most of the thefts that we see are happening internally," explains Livingston. "It's employees who are coming in and removing the machines."

The other thefts are typically crimes of opportunity, with laptops often stolen at airports and at hotels. Some of these losses are simply grab-and-go operations, but other losses can be simply attributed to forgetfulness.

Livingston gave some examples of today's theft operations, noting that a university fell victim to a theft where a truck was backed up to the location, and 30 PCs were ripped right out the walls, with the cables left dangling. In another instance, he says, a pizza delivery person, after dropping off the pizza at the business, stole numerous laptops that were left unattended in a boardroom where execs had been meeting. In another theft, an employee was found to be lifting up the modular ceiling tiles and stashing computer hardware in the ceiling for retrieval later.

By and far, says Livingston, educational institutions are the ones most often targeted. With large banks of computers plus high traffic areas with numerous students coming in and out of computer areas at all times of day and night, it's not hard to see why school computer labs could be an easy victim.

However, for school security and asset management directors there's an even tougher scenario. With the implementation of the No Child Left Behind Act that encourages one-to-one computing where every student can have access to a computer and are often given laptops to use, asset management reaches new heights of complexity.

Of course, while schools might be the most popular and easiest targets, it's often healthcare and financial institutions - which have to meet their respective HIPAA and Sarbanes-Oxley standards - that have the most to lose now that federal laws require strict control of data.

While some of that data loss can be secured with encryption, not all companies have made it to that level of advanced protection. Indeed, the recent loss of data tapes by Iron Mountain of unencrypted Time Warner data is a prime example. Until encryption is standard for all valuable, private or proprietary data, it's even more important to keep a tight grip on computer assets.