US COMPUTER MANUFACTURERS BEGIN ADDING EMBEDDING TOOLS TO COMPUTERS TO PREVENT ACCESS TO DATA http://online.wsj.com/article_email/SB114843200223261344-lMyQjAxMDE2NDI4NDQyMzQyWj.html

Embedded Tools Shackle PC Hackers

By Vauhini Vara and Christopher Lawton

Word Count: 1,164

Companies Featured in This Article: Dell, Hewlett-Packard, Microsoft, Lenovo Group

Dell Inc., Hewlett-Packard Co. and other companies have a new answer for the hackers and thieves who try to sneak onto personal computers: PCs that come embedded with technology to keep the bad guys out.

Over the past year, PC makers have begun selling more computers loaded with special security chips, fingerprint scanners and even self-destructing hard drives. The goal: To keep data safe from those who shouldn't see it, as computer users store increasing amounts of sensitive information on their laptops.

Sean Shively, who manages inventory for Smart Document Solutions LLC, an Alpharetta, Ga., company that processes requests for medical records, recently handed out more than 900 Dell laptops embedded with special antitheft software from Absolute Software Corp. to employees who travel to hospitals and clinics to scan medical records. When a computer is stolen, Mr. Shively's company can call a hotline to report the theft. The next time the laptop connects to the Internet, it automatically shoots a message flagging its location to computer servers at Absolute, based in Vancouver, British Columbia, so police can find it and the thief. Mr. Shively says he doesn't worry about thieves stealing the information itself, since it is all encrypted and has to be unlocked with a virtual key before it can be read.

Among the six laptops Mr. Shively has recovered in the past two years using the Absolute software, he says one ended up in the hands of a drug dealer in California. A few others were traced to former employees themselves. A three-year subscription to the Absolute service costs $99, but some PC makers offer discounts.

Among other high-tech solutions to theft, Toshiba Corp. last year began offering PCs that require users to insert a physical key into a slot in the PC to use it. The Japanese company has started integrating an alarm into some of its Tablet PC notebooks over the past few years. The alarm issues a shrill series of beeps if the machine is moved when it shouldn't be. Users can turn the alarm on by holding down a button on the device and turn it off by entering a password.

The slew of new security-oriented PCs reflects a broad shift in the security industry. In the past, computer users had to rely on third-party technology from specialized security firms, like antivirus software and firewalls that they could add on their own. Embedded security in PCs and other devices was rare.

But PC makers have recently ramped up security features, as they realized that more people were moving from desktop PCs to laptops, which made the devices much easier to steal. Matthew Wagner, a product marketing manager for Hewlett-Packard, says security has moved to the top of the list of concerns among business customers. If a laptop is lost, "the financial impact can be significant," Mr. Wagner says.

Indeed, the Computer Security Institute, a group in San Francisco that provides security training, found that laptop theft was responsible for an average of $19,652 in lost value and revenue for each of the organizations that said they had experienced laptop theft in a 2004 survey.

Until recently, however, no one had figured out a way to improve security without requiring the user to jump through a lot of hoops. While computer users could "encrypt" documents so they had to be unlocked with a virtual key, there were few other options for keeping files safe. Now, technology companies are coming up with features that make it easier for people to secure their computers. Hewlett-Packard, for one, says more of its business notebooks now include fingerprint scanners, and smartcard readers as standard options.

The technology that has perhaps gained the most traction within the past year requires little work from users themselves. Three years ago, an industry organization called the Trusted Computing Group helped standardize a chip that sits deep inside a PC and stores passwords and other sensitive information. Since the chip is tucked in the PC's hardware, the data on the laptop is better protected from viruses and other attacks that mainly target software and not hardware. The group has attracted such big names as Dell, H-P and Microsoft Corp., and some 56 million PCs are expected to be shipped with the chip in 2006, up from 20.4 million last year, according to Endpoint Technologies Associates Inc., a technology market research group based in Wayland, Mass.

Built-in security features have especially caught the eye of organizations that buy computers for their employees, who are increasingly storing sensitive business information -- including customers' private data -- in a digital format. They are willing to pay a premium for features that could help avoid embarrassing data breaches that scare away customers, says Rob Enderle, an analyst at the Enderle Group, a research firm in San Jose, Calif. This week the Department of Veterans Affairs said more than 26 million U.S. veterans' personal information was stolen from the home of an employee, who had broken a rule and taken home the data. It was the latest of several high-profile incidents this year involving stolen laptops or other devices that held private information.

Jared Leavitt, an account executive at San Francisco public-relations firm Access Communications, says he wouldn't pay for added security features in a PC of his own. "I consider it a nice-to-have, rather than a need-to-have," says Mr. Leavitt, 27 years old. But he uses extra security features on a company-owned laptop, since he stores confidential information about clients on it.

Home users have only recently begun to show interest in security technology such as fingerprint readers. Most of the security features are still more commonly found in notebooks targeted at business users. Some PC makers, including Dell and H-P, say regular consumers can probably do without the scanners and extra security measures, since they don't have to deal with the strict laws around disclosing data breaches to which companies must adhere.

Still, many consumers like the newfangled security measures, such as fingerprint readers. Jennifer Chen, a 20-year-old student at Stanford University, used to awkwardly shield her computer keyboard as she typed in her password in public on campus, to avoid giving it away to some stranger. "You sort of had to hover over it," she says.

Then she bought an IBM ThinkPad T60 from Lenovo Group Ltd. that included a tiny, rectangular fingerprint scanner on the keyboard's bottom right-hand corner. Now when she turns on her PC, it flashes a screen asking her to swipe her finger on the pad. If the fingerprint matches the one she has stored in the PC, the computer boots up normally. If not, it stops.

Ms. Chen's PC came with the scanner, but it can also be added to standard PCs from Lenovo, Dell and others for about $50.

Ms. Chen has lately been showing off the fingerprint scanner to her friends. The verdict: "They think it's hilarious," she says. "And totally unnecessary."

Write to Vauhini Vara at vauhini.vara@wsj.com and Christopher Lawton at christopher.lawton@wsj.com