The Simple Things Part One – The Lock Lead

ImageWhy is the humble lock lead the first item in my top ten? Many people would complain it is a pain in the backside to use day after day, that it can’t provide that much protection given the tiny connection to the laptop in the small rounded rectangular hole, and the cable must be pretty easy to curt through, so why bother?

Let us look at the two main aspects of lock leads, namely the physical aspect (how strong, reliable etc) and also the deterrent aspect (will it put people off?).

1. The Physical

There are good quality, well made lock leads and there are bad quality, poorly made lock leads. Make sure you choose the right one. How do you choose? Look for recommendations, and also purchase range of them and try them out yourself. Some can be opened with a rolled up business card, and some can be snapped off with a sharp turn of the barrel using a pair of pliers. My current favourite is the Compu-Lock lead, http://www.compu-lock.com (I have no business or personal interest in the success of this company but the lead they produce meets many of there criteria I lay out in this article). You of course may fall to one of the other major manufacturers.

The cable itself (at least in a good one) is made of stranded hardened steel (allowing flexibility with strength) and covered in a durable plastic coating that also provides initial protection from cutting (such as with pliers). The construction is very similar to a bike lock albeit thinner, and although it can be cut it takes some considerable effort with hand tools. I have tested this with a lower specification cable, cutting through it in just under two minutes with a pair of snips; it took a considerable amount of effort and grunting to do so, and I was still left with a “tail” attached to the laptop. The better specification cables will take significantly longer.

The lock itself is also important. Kensington came under fire some years ago (somewhat unfairly) when many of their locks were shown to be susceptible to Bic biro barrels and rolled up business cards being forced into the key hole to take the shape of the key and subsequently open the lock in a matter of seconds. This problem went beyond laptop locks and affected other barrel lock manufacturers for bikes etc.. Although the problem has been solved, I still feel wary of these types of lock, albeit without foundation! As an enterprise you will want a lock that provides master keys specific to your organization, something that is not always easy to find, especially in the lower end of the market.

Finally, the fit is important. Many locks will connect with the laptop but then be loose. Some try and overcome this with rubber flanges which is ultimately useless. the problem a loose lock poses is that if the gap is big enough to get a hacksaw into you can attack the pin(s) that lock it, or even worse get a good grip and twist the barrel to break the pins. The better locks will have an adjustment mechanism that ensures the barrel is tight against the laptop meaning there is significantly less leverage and no gap to cut through.

2. The Deterrent

So you have the Rolls-Royce of locks in your possession… there are a numbers of things to bear in mind to ensure its effectiveness.

Firstly, you have to use it! Time after time I see them looped into a desk and then not connected to the laptop. FAIL on all counts. Use it all day, every day; in the office, hotel room, client site, even in the boot of your car if you have to leave it in there for whatever reason (avoid this last one at all costs though!).

Secondly, given it will not put off a determined attack, it should not be left overnight in your office for instance. Their primary use is as a casual theft deterrence; any thief in a time pressured situation (perhaps during a fire evacuation drill?) will not bother with the laptop that is locked and move very quickly onto the one that isn’t. If somebody has the luxury of thirty, undisturbed, minutes in the middle of the night they may think differently as well as be equipped for it! Always take your laptop home; if nothing else it is a very effective contributor to your company’s BCP initiative!

Finally, having the lock leads helps keep you in a security mindset (hopefully without becoming paranoid!). It is a constant visual reminder of the need for security, and if it reminds you to lock your screen every time you step away for a coffee then you have doubled the value of the lead straight away.

In conclusion, the lock lead has to be one of the most simple, best value and effective data loss prevention tools available. It’s use will significantly reduce the potential for theft of not only the physical device, but the cost of replacing the laptop, the data, the time in getting everything back and potentially a front page spread in a national newspaper;” Company X loses One Million Public Records“.

Surely £25 is worth avoiding that?

Tags: ,

About Thom Langford

An information security professional, award winning security blogger and industry commentator. Available as a speaking head and presenter on topics relating to information security, risk management and compliance.

One response to “The Simple Things Part One – The Lock Lead”

  1. Graham Sutherland says :

    Totally agree here. I bought a lock for keeping my laptop safe in my hotel room whilst I was at InfoSec / BSidesLondon, and it kept my mind at ease. I definitely suggest looking into locks which have adjustable pins, too. Mine has a small bolt that locks into the laptop, which you turn to adjust. The cable has a housing that then clips onto the bolt tightly, making it impossible to remove.

    There are devices with tamper alarms, too. They contain a small watch battery, and send a tiny current down the cable when locked. If the circuit is broken, a piezo inside the lock housing makes a very loud noise. I didn’t go for one in the end, since the reviews were sparse and the price was much higher than a standard lock.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: