Remote User Software For Company Laptops 1

[DrB0b]

Hello all,
This isn't the right place to put this, but honestly I have no idea where this should fit. We have a remote sales team all throughout the US that have company laptops they do their work on. We have the BIOS locked out and have the only bootable device being the HDD. What we are looking for is a software that allows us to manually lock out a rogue remote laptop if it was stolen or kept by a terminated employee. Basically something that either allows us to lock it out at will when it is connected to the internet or something that locks it up after so many days not talking home to the server. I've tried googling around and have come up empty so far. Hopefully someone out there is already using something similar and can point me in the right direction. Any ideas are welcome.

Learning - A never ending quest for knowledge usually attained by being thrown in a situation and told to fix it NOW.

 

[DrB0b]

Just to update thread, I found two that may do the trick. When we select one Ill give an overview of if it does what it says it can.

https://www.exo5.com/

https://www.absolute.com/en

Learning - A never ending quest for knowledge usually attained by being thrown in a situation and told to fix it NOW.

 

[Scott24x7]

In reality, you will probably never make this fool proof... I have gotten around many laptops that were "locked out". And if users know it will be locked out depending on the laptop, all one needs to do is remove the bios battery and it will reset it to default.
So keep that in mind... I find people spend a lot of money on this kind of thing, only to have it defeated at the end of the day anyway...

Best Regards,
Scott
MSc ISM, MIET, MASHRAE, CDCP, CDCS, CDCE, CTDC, CTIA, ATS

"Everything should be made as simple as possible, and no simpler."

 

[DrB0b]

A BIOS password should reside on the chip itself and removing the CMOS battery shouldnt be enough to bypass. The only way around it is to either flash the chip or replace the motherboard.

That being said, I know best laid plans are usually subverted one way or another.

Learning - A never ending quest for knowledge usually attained by being thrown in a situation and told to fix it NOW.

 

[strongm]

You might want to consider AirWatch.

And then something like the following (just one part of AirWatch) would seem to meet your requirements:

https://docs.vmware.com/en/VMware-A...2/GUID-014MDM-CompliancePoliciesOverview.html

 

[Scott24x7]

DrBob... I mention this point because I have reset them this way many times, depending on laptop make. And BIOS settings are volatile memory. This is why you need a BIOS battery to start with. So pulling the bios battery on a laptop is the same as pulling a bios battery on a PC. (Try it if you don't believe me...)
Some laptops (Like MS Surface Pro) are sealed, so that at least make it a much bigger challenge. But none of this stuff is as "safe" as you might want to belive it to be. Also, google for "How to reset laptop BIOS" and you'll find my answer is reflected there too.


Best Regards,
Scott
MSc ISM, MIET, MASHRAE, CDCP, CDCS, CDCE, CTDC, CTIA, ATS

"Everything should be made as simple as possible, and no simpler."

 

[DrB0b]

@Scott24x7 - Thank you for your input. As a laptop tech of about 10 years I had dealt with many BIOS passwords that were not clearable via this method is why I replied with my above thoughts. I'm not saying every motherboard is the same but I have purposefully put a Dell laptop motherboard aside for a month without a CMOS battery and the password remained. Again thanks for the input.

@Strongm - Will look into it. We are not a VMWare company but instead use HyperV. Not sure if that makes a difference but I will look into it deeper and see how that pans out.

Learning - A never ending quest for knowledge usually attained by being thrown in a situation and told to fix it NOW.

 

[strongm]

>dealt with many BIOS passwords that were not clearable via this method

As indeed have I, eg the HP ProBook series.


>We are not a VMWare company but instead use HyperV

I presume you mean you are not a vSphere/ESX company ... VMware is the company name and it has products unrelated to its virtualisation technology … Airwatch is one such product. And they offer it as a cloud-based subscription service called Workspace ONE, so you don't necessarily have to set up an onsite platform (note, I've not actually used Workspace One)

Another alternative - which is what we currently use, but mostly for phones and tablets - is Blackberry Work (used to be called Good)

 

[LoPath]

We use Symantec Endpoint Encryption for laptops and AirWatch for phones.

LoPath
Maintain HiPath 4000 V5 & V6, OpenScape Xpert V4, OpenScape Xpressions, OpenScape Contact Center V8, OpenScape Voice V9