Using DirectAccess to locate stolen computers?
-
Tuesday, January 24, 2012 8:57 AM
We had a theft attempt this weekend and I wondered what to do if laptops were stolen. Do anybody have any thoughts on this matter?
Our DA installation is set up so all laptops member of a DA group will automatically go online on our network wherever they are.
I have opened firewall to accept incoming CIFS so I know I can monitor files locally. If anybody know of any free tools etc that can be installed to laptops for localization purposes that would also be nice.
All Replies
-
Wednesday, January 25, 2012 4:00 AMModerator
Hi HAL07,
Thanks for posting here.
I’d suggest to first disable this computer account for this lost laptop in AD database and suggest the user who loses his laptop to reset his password ASAP and that will help to prevent it to connect back to our network.
Meanwhile, not sure the detail information about our current authentication setting for DA but consider to enable strong CRL checking for IPsec authentication:
How to deny a computer access to DirectAccess?
Meanwhile, we also have other features that will help to protect our data from the accident about device losing:
Reacting to Laptop Theft
http://blogs.technet.com/b/microsoftsetup/archive/2009/03/25/dynamic-restore-of-stolen-laptops.aspx
BitLocker Drive Encryption Overview
http://technet.microsoft.com/en-us/library/cc732774.aspx
For more information please refer to the suggestions in the links bleow:
Traveling? 10 tips to protect your laptop from theft
http://www.microsoft.com/atwork/security/laptopsecurity.aspx
Tracing down stolen laptop...
Thanks.
Tiger Li
Tiger Li
TechNet Community Support
.png)
