Remotely Lock or Wipe a laptop

Hi All, I have a client that has about 10 laptops. They store sensitive data on them and want to know if there is a way to remotely lock the computer or wipe it should the laptop get lost or an employee defects.

Looking for something that is not service based and possibly something free.

Any advise would be great !!
Thanks !!
PAULADAMSJRAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
For a regular laptop - no. If something is available and if it was preinstalled, you might be able to. But for normal laptops or desktops, I have not seen anything like this.

Also, people have to connect to you before you could do this.
Glenn MadineSystems AnalystCommented:
Instead of wiping a notebook, you can use a full disk encryption solution. There are many FDE solutions to choose from

Or
if your notebooks are equipped with Intel vPro technology (an extra cost on the notebook), you can, if you have the infrastructure in place remotely power up and control the notebook.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Robert MathesonCommented:
go to control panel, click system and security,  scroll down to administration tools, and in tools click the create or delete a partition and a window will open listing all the drives and the room on each drive. Delete the partition and all the data will be gone. Deleting the partition erases the tracks on the hard drive and you can't open it without creating a new partition when you first install the operating system.
SolarWinds® Network Configuration Manager (NCM)

SolarWinds® Network Configuration Manager brings structure and peace of mind to configuration management. Bulk config deployment, automatic backups, change detection, vulnerability assessments, and config change templates reduce the time needed for repetitive tasks.

JohnBusiness Consultant (Owner)Commented:
The computer would have to be willingly connected for this to happen.
PAULADAMSJRAuthor Commented:
So are you all saying this simply isn't possible without a subscription of some sort ?

I can use the truecryt drive encryption which is great for theft but if you have a rogue employee and you need to shut access to the laptop down immediately.....How do you do that ??
JohnBusiness Consultant (Owner)Commented:
You cannot manage a laptop without connecting to it  (short of some preplanning and expense). A lost laptop is just that and a thief is not going to connect up.

I put a hard drive password on my laptop. While these can be defeated, newer password protection is better and most thieves or passersby would discard the drive and get a new one.

Nothing is perfect. but to do what you want requires preplanning and subscription.
David Johnson, CD, MVPOwnerCommented:
bios boot password and fde i.e bitlocker and if the laptop supports it enabling secure boot, have another admin password to access/change items in the bios.
this will defeat most people trying to access the laptop.  you can't pull the drive out and recover information..
A rogue employee is another item.. they already have the bios boot password and can login using cached credentials.  A service like intune it is $8.75 per managed user. Each user can have many devices will wipe ios/android and windows devices.
McKnifeCommented:
There are services. Google for LoJack.
I am not saying it cannot be circumvented, but it's the best method for your scenarios.
PAULADAMSJRAuthor Commented:
I think I didn't state my need very clear and that's my fault. The primary purpose of this solution would be to have an ability to lock down a laptop immediately should an employee defect. My client just would like to shut down the functionality of the laptop. The benrfit obviously to having a solution like that in place would be that it would make it easier to track should someone steal the laptop etc.

Anymore ideas before I close this out ?  Sounds like it's not possible to do without some sort of monthly service.

Thanks to everyone for chiming in so far.

PA~
JohnBusiness Consultant (Owner)Commented:
In order for you to manage a laptop, it must be connected to your network. If the employee has the laptop somewhere else (not connected) and you dismiss them, there is not much you can do. If the laptop is lost and not connected, there is not much you can do.

There may be security software that you pay for or subscribe to that can lock or wipe laptops not connected to your network, but I am not aware of that.

Think in terms of what I have said. Your options are limited.
McKnifeCommented:
The problem is: If that person decides to break bad, he could remove the hard drive. Being removed, there's no way some software operating on the laptop or its firmware can still reach it. So you'll have to use 2 measures:
1 the laptop will have to ask "may I still operate?" via low level (preboot) network connection. This is what LoJack is about. Other softwares offer the same, called remote wipe.
2 if the drive leaves the laptop it may not be readable - that's a standard function of tom based encryption softwares.
Robert MathesonCommented:
Pauladmin,
You could try this but it is just an idea.  With windows there is a built in remote administration ability.  You can log into any PC with an IP address if the computer is turned on or if they are using it.   I might try to log on to the stolen PC's IP address and once inside the stolen PC go to the control panel click on system and security,  scroll down to administration tools, and in tools click the create or delete a partition and a window will open. Delete the partition and all the data will be gone which will make the computer useless. Deleting the partition erases the tracks on the hard drive and you can't open it without creating a new partition at installation when you install the operating system..
McKnifeCommented:
Could it be you simply didn't understand my solution? It was just what you were asking for.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.