BitLocker Disk Encryption: Boom or Bust?
Computer Science 199r Final Project Write-up
Kristen Lovin

Introduction

In August 2006, a laptop was stolen from the home of a staff worker of the U.S. Department of Veterans Affairs that contained the names, birth dates, and social security numbers of about 18,000 veterans and active-duty military personnel.[1] This caused a huge wave of concern throughout the United States about the safety of private data—many realized for the first time that personal information given out even to trusted entities is never really safe, and there was really nothing they could do to absolutely ensure the security of their private data. The individual had no control at all—they had to provide this data to receive needed services, and they had no control over what was done with this data or how it was protected once given out. This was a very scary idea to many.

Unfortunately, data leakage resulting from stolen laptops is neither novel nor new. This incident was only one of many cases of stolen laptops that have been reported within the last year: in December 2006, Boeing reported a laptop was stolen that contained the personal information of 382,000 employees; in March 2006, a laptop from Fidelity Investments was stolen that contained the data of 1,960,000 Hewlett-Packard employees; and in February 2007, the UK’s Nationwide Building Society reported a stolen laptop that contained personal information about 11 million customers and faced fines of £980,000. In today’s world of large-scale electronic data storage, security vulnerabilities through stolen laptops have become an increasingly serious problem and pose massive problems for the process of securing privacy in a digital world.

In 2006, Microsoft announced the development of a new tool intended to protect against data vulnerabilities associated with the problem of the stolen laptop that will ship as a part of Windows Vista Enterprise and Ultimate: BitLocker Disk Encryption.
Designed to protect against unauthorized access to hard drives from other operating systems or hacking tools, BitLocker encrypts the entire Windows volume—including swap and hibernation files—and relies on hardware support of a Trusted Platform Module (TPM) to lock the encryption keys that protect this data. Overall, BitLocker has received positive reviews from the tech community, and Microsoft has used it as one of Vista’s main selling points.

In theory, BitLocker sounds great. But is it really? The costs of implementing BitLocker are incredibly high: it requires a relatively new computer that has:
• Windows Vista Ultimate or Enterprise
• Trusted Platform Module (TPM) chip built-in, version 1.2 or later
• Trusted Computing Group (TCG)-compliant BIOS

In most cases, organizations and individuals seeking the protection of BitLocker must buy an entirely new computer. BitLocker is also relatively complicated to set up. The laptop’s hard drive must be divided into two partitions before Vista is installed (one for BitLocker, one for Windows), and many times a BIOS upgrade is in order. Encrypted disks also function more slowly than non-encrypted disks, and this has the potential to negatively impact performance. (Please see the appendix for a complete technical description of BitLocker.) With such extraordinary costs, it is very important that laptop owners understand the conditions under which BitLocker is both an effective and practical safeguard against the stolen laptop problem.

[1] “Latest Information on Veterans Affairs Data Security.” USA.gov. September 6, 2006. http://www.usa.gov/veteransinfo/

Problem Statement and Methods

The goal of this project is to assess whether BitLocker disk encryption is an appropriate solution to the privacy issues raised by the stolen laptop problem. Specifically, this problem breaks down into three separate questions:
• Does BitLocker effectively prevent data leakage when laptops are stolen?
• Is BitLocker a practical solution?
• When should an individual or institution adopt BitLocker?

To answer these questions, this project employed a comprehensive series of case studies that examined how the presence of BitLocker would affect different types of stolen laptop scenarios. The different “types” of scenarios investigated involved differing combinations of the following key variables:
• Budget of laptop owner
• Amount of data lost
• Sensitivity of data lost
• Whether data was recovered or not
• Cost of loss to owner

Case studies were taken from real, recently reported instances of laptop theft that resulted in the loss of personal data, and chosen such that each case involved the same base story (a stolen laptop resulted in loss of personal information), but significantly differed in the variables identified above. Each case was analyzed as follows: I retraced the details of the incident, assessing how differently it would have played out if the stolen laptop had BitLocker on it. Then, using data collected about the owner in question, I identified what would have had to have happened to ensure the stolen laptop did have BitLocker, and judged how appropriate those actions would have been for that owner. After conducting this analysis on every case study, I combined my findings to reach more general conclusions about the nature of BitLocker and the conditions under which its adoption is appropriate.
Stolen Laptop Case Studies

Large Corporation with Potential Cost: Fidelity Investments / Hewlett Packard

On March 15, 2006, Fidelity Investments announced that a laptop containing the personal information of roughly 196,000 Hewlett Packard (HP) employees was stolen during a meeting that took place at an off-campus site.[2] Data stored on the laptop included names, addresses, Social Security numbers, dates of birth and other employment-related information, but not the personal identification numbers required to log on to Fidelity services, according to Fidelity officials.[3] Fidelity claimed the laptop was loaded with this information specifically for the purposes of the meeting, and that this is not typical of the amount of personal data stored on company laptops. “We limit significantly the use of such confidential data outside of Fidelity to only those instances where the information is appropriate or required for meetings,” Anne Crowley, a Fidelity spokeswoman, told the press.[4] “It is not our practice to have that level of data on a laptop,” she asserted.[5] Fidelity claimed that the data on the laptop was used by a piece of third-party software with a temporary license that had since expired, but cited no other protection of this data.

In response to the incident, Fidelity offered affected HP employees free enrollment in a one-year credit monitoring service, and promised to require extra authentication for these accounts. It also pledged to take responsibility for any money that was stolen from these accounts in connection with this data breach. No information was offered on how many HP employees took advantage of these promises, or on what the overall cost of this breach was to Fidelity.
Had BitLocker been installed on the stolen laptop, it would have been very unlikely that the thief could have gained access to this information. Because most corporate networks require a username and password to log in, it is likely that this computer would have been password-protected. Without knowledge of the username or password, the thief could not have logged into the computer to view the information normally, and, because of BitLocker, the hard drive itself would have been unreadable if the thief had removed it and tried to read it with another computer. Simply put, BitLocker would have been an effective means of preventing this data leak.

I then move to considerations of feasibility and practicality. Fidelity Investments is the largest mutual fund company in the United States, claiming revenues of $11.1 billion and net income of $1.3 billion in 2005.[6] This indicates that it does possess the financial ability to shoulder relatively large costs (to support a move, for example, to BitLocker), although the structure of its budget ultimately dictates where it spends this money. Nevertheless, the cost of introducing BitLocker as a security measure is still significant. The cost of full implementation of BitLocker can be estimated as follows: Fidelity employs roughly 32,000 people.[7] Conservatively estimating that 30% of these people are laptop-bearing, this means that roughly 10,000 new BitLocker-ready laptops need to be purchased. If they get a good deal on this purchase and buy these machines for $2000 each, this translates roughly into a total cost of $20 million.
[2] http://www.infoworld.com/article/06/03/23/76748_HNstolenlaptop_1.html
[3] http://news.com.com/Laptop+with+HP+employee+data+stolen/2100-7348_3-6052964.html
[4] http://www.infoworld.com/article/06/03/23/76748_HNstolenlaptop_1.html
[5] http://www.infoworld.com/article/06/03/23/76748_HNstolenlaptop_1.html
[6] http://bostonjobsource.com/fidelity.html
[7]

There are also other costs associated with implementing a complete BitLocker scheme. Even with the right hardware, BitLocker would require a significant amount of IT power to roll out, as BitLocker computers require very specific setup and installation procedures. In a large, profit-maximizing firm like Fidelity, IT is never the priority, and it is unlikely that the amount of resources needed to roll out such an extensive change will be at Fidelity’s disposal.

All these costs, then, must be weighed against the costs Fidelity would incur if data was breached to ultimately determine the practicality of such an implementation. The cost of the promises Fidelity made in response to this incident can be estimated as follows: Credit reporting services average $15 a month,[8] so enrollment in one of these services for a year for all 196,000 HP employees would roughly cost $35.28 million. Extra authentication is relatively inexpensive, but might require some changes to the system, in which case the cost would just be the salary of the developer hired to make these changes. Compared to $35.28 million, this cost is very small, so it can be neglected in the estimation.

Stopping here, it is clear that Fidelity was already willing to pay more than what the estimated cost of a full implementation of BitLocker would be. In all likelihood, not all HP employees took advantage of the credit monitoring service, so the actual cost of this data breach was significantly lower. However, Fidelity’s willingness to pay this amount in damages indicates that it is likely it would also be willing to pay for a full BitLocker implementation.
Options other than adopting BitLocker completely or not at all exist, too. Fidelity could also choose to phase in BitLocker, first adopting it for employees who handle the highest amount of sensitive data and then working down. This would ease the financial burden of implementation, and makes a BitLocker solution all the more enticing.

Large Corporation with Automatic and Potential Cost: Nationwide (U.K.)

In August 2006, Nationwide Building Society, Britain’s largest building society, reported a laptop was stolen from an employee’s home that contained personal information about 11 million customers.[9] The computer contained customer names and account numbers, information, experts said, that “identity thieves…could [use] to take out credit cards in customer’s names.”[10] Despite these claims, Philip Williamson, Nationwide’s chief executive officer, asserted that “[t]here is no chance of any customer suffering any financial loss on their accounts as a result of this” and promised customers that the company has “tightened up our already high security procedures and this should ensure it couldn't happen again.”[11] Nevertheless, Britain’s Financial Services Authority (FSA) fined Nationwide over £980,000 ($1.935 million) for this carelessness.[12] “Nationwide is the UK's largest building society and holds confidential information for over 11 million customers,” the FSA said in defense of the fines.
“Nationwide’s customers were entitled to rely upon it to take reasonable steps to make sure their personal information was secure.”[13] Nationwide stated that no loss of money on customer accounts was reported in response to this incident, and made no guarantees about how it would handle such instances if they arose.

[8] http://www.fightidentitytheft.com/credit-monitoring.html
[9] http://news.bbc.co.uk/1/hi/uk/6160800.stm
[10] http://news.bbc.co.uk/1/hi/uk/6160800.stm
[11] http://news.bbc.co.uk/1/hi/uk/6160800.stm
[12] http://news.bbc.co.uk/2/hi/business/6360715.stm
[13] http://news.bbc.co.uk/2/hi/business/6360715.stm

BitLocker would have effectively guarded this data against unauthorized access. Because most corporate networks require a username/password to log in, it is likely that the laptop was password-protected, preventing the thief from being able to log in and view the data normally. BitLocker, then, would have prevented the thief from gaining access to the data via the hard drive. With these two protections combined, BitLocker would have effectively kept the data safe from any kind of identity theft.

From a feasibility standpoint, Nationwide’s financial capability does seem to be more appropriately aligned with the implementation requirements of BitLocker. Nationwide is Britain’s largest building society, reporting revenue of £1.63 billion ($3.22 billion) and profits of £539.4 million ($1.066 billion) for the year in 2006.[14] Such profits do suggest that Nationwide is financially capable of relatively large costs (such as that of implementing BitLocker), if it makes room for it in its budget.
Using similar methods to the Fidelity case study, it is possible to estimate the cost of implementing a BitLocker scheme for Nationwide: according to a 2006 report, Nationwide has 16,644 employees.[15] Assuming 30% of this group is laptop-bearing and it costs about $2000 to outfit each employee with a BitLocker-enabled laptop, adopting a full BitLocker scheme would roughly cost Nationwide $10 million. Although this is still a significant amount of money, it does seem to be a more appropriate order of magnitude for Nationwide.

Consideration of the cost of this last incident of data loss additionally informs this analysis. Comparing the fines Nationwide faced (over $2 million) with the estimated cost of implementing BitLocker ($10 million), and also taking into account that the tightening of Nationwide’s policies in response to this first theft might decrease fines in the case of a second theft, implementing a full BitLocker scheme still does not seem justifiable.

Although full implementation might not seem appropriate given this comparison, it may seem feasible to phase in BitLocker. If, for example, Nationwide began by purchasing BitLocker-enabled laptops for 1,000 of its employees who handled the most personal data, it would greatly reduce the risk of personal data loss in further incidents of theft and would break even with respect to its original costs. This seems an appropriate alternative for Nationwide.
Smaller Nonprofit with no Cost: Louisiana State University

On April 4, 2007, a business professor’s laptop that contained the personal information (social security numbers, names, and grades) of roughly 750 students at Louisiana State University (LSU) was stolen from his house.[16] Unlike the Fidelity incident, this case seemed to involve a much greater degree of ignorance on the part of the laptop owner regarding the risk his laptop posed to personal data. According to the LSU Daily Reveille, “the faculty member did not immediately realize that the laptop could contain personal information.”[17] “People aren't necessarily aware of what they've got on their computers,” it cited a university official as saying. “Thinking about what was lost on the computer is sometimes an afterthought.”[18] According to LSU, the laptop is still missing, but no students have reported suspicious activity on their student or bank accounts since the incident. The university made no guarantees about covering the cost of damages associated with this incident, if any ever arise.

[14] Sustainability Report http://www.corporateregister.com/a10723/nation06-sus-uk.pdf 68
[15] Sustainability Report http://www.corporateregister.com/a10723/nation06-sus-uk.pdf
[16] http://media.www.lsureveille.com/media/storage/paper868/news/2007/05/03/News/Stolen.Laptop.May.Hold.Id.Numbers-2892874.shtml

Because this was the personal laptop of a professor and because it is very likely the professor was not too technically inclined (based on comments above and the assumption that business professors are not usually very techy), it is highly likely that this laptop was not password-protected. In this case, BitLocker would have been effective only to a very limited extent. The students’ data still would have been protected if the laptop’s hard drive were taken out and connected to another computer, but nothing would have stopped the thief from simply turning on the computer and obtaining the data this way.
BitLocker also proves relatively impractical in the case of LSU. A non-profit organization that is largely funded by the state (it expects $758 million for the coming year[19]), LSU has no extra room in its budget to pay for technology as expensive as BitLocker. In a university with an enrollment of over 26,000 students and over 1,000 professors, it would cost (using the same estimations applied to Fidelity) well over $2 million to outfit all faculty members with BitLocker laptops, a cost too great and an objective too narrow for its budget to support. Phasing in BitLocker also still proves to be too expensive, and would be incredibly difficult, given that all professors handle equally sensitive student data and it would be hard to choose how the distribution should be handled.

Adopting BitLocker further seems inappropriate in light of the fact that LSU never offered to reimburse students for damages suffered from this lost information. Because of this, LSU effectively suffered no financial cost (other than potentially needing to replace that professor’s laptop) due to this incident. Although it is possible that the university could get sued, or be forced to pay some damages for this infraction, the current state of this incident provides no motivation to adopt BitLocker. Why pay a lot to prevent an incident that would cost relatively little in the first place?
Smaller Nonprofit with Recovery and little Cost: Highland Hospital

On April 13, 2007, two laptops—one of which contained sensitive patient data (name, contact information, and social security numbers)—were stolen from a business office in Highland Hospital in Rochester, New York.[20] Over 13,000 people were affected by this breach, the hospital reported. The laptop containing the patient data was later recovered, after being put up for auction on eBay. Hospital officials reported that they could find no evidence that any of the personal information on the laptop was accessed by the thief.[21] Rather, it stated, “the burglary was committed by thieves who immediately erased any information and sold the computers for quick profit.”[22] The hospital also noted that the machine was password-protected, which further decreased the likelihood that the thief accessed the patient data. In response to this incident, the hospital promised to change its security procedures, and created an information line for concerned patients.[23]

[17] http://media.www.lsureveille.com/media/storage/paper868/news/2007/05/03/News/Stolen.Laptop.May.Hold.Id.Numbers-2892874.shtml
[18] http://media.www.lsureveille.com/media/storage/paper868/news/2007/05/03/News/Stolen.Laptop.May.Hold.Id.Numbers-2892874.shtml
[19] http://www.lsu.edu/externalaffairs/news/state.html
[20] http://www.13wham.com/news/local/story.aspx?content_id=d70aed97-d001-4e3f-990d-50f9d8e32769

From an effectiveness standpoint, BitLocker could have helped this situation in two different ways: first, because the computer was password-protected, the addition of BitLocker would have made it nearly impossible for the thieves to access the data stored on the computers. With password protection guarding entry at the login level and BitLocker guarding entry at the hard drive level, BitLocker would have effectively prevented unauthorized access of this data.
Second, because the laptop was recovered, BitLocker would have helped authorities determine whether the thief had attempted to access the data on the laptop, as BitLocker’s locking-out feature indicates if an unauthorized attempt to access hard drive data has occurred. In sum, BitLocker would have been very effective both in protecting the data and in assuring patients that it had been kept safe from identity theft.

Despite these expected benefits, BitLocker still may not prove to be the most practical solution in the case of Highland Hospital. Highland Hospital is a small to mid-sized teaching hospital for the University of Rochester Medical Center, with, according to a dean’s report, census levels of about 250 patients.[24] According to a recent newsletter, the hospital’s budget is already relatively tight, and is expected to grow even tighter with recent cuts to state Medicaid payments.[25] Although it is hard to estimate the exact cost of instituting BitLocker laptops in this hospital (in hospitals, most employees do not get their own laptop and it is hard to say how many would at Highland), it seems highly unlikely that a suffering budget would be willing to make room for an expensive piece of equipment that addresses such a limited problem.

However, further considerations of the context of this case qualify this finding. Maintaining the security of patient data is incredibly important to maintaining patient trust in that hospital, and ensuring the continuation of its business. Even though Highland did not have much money to work with, it still tried very earnestly to work within its budget to atone for this mistake, and maintain patient trust. Changing security procedures and establishing a hotline did not require any real, monetary cost to the hospital, but it took time that the hospital was willing to spend.
Even though a full implementation of BitLocker on all laptops is out of reach financially for Highland, if implementing BitLocker on even a few computers became financially possible, Highland seems willing to do it.

[21] http://www.13wham.com/news/local/story.aspx?content_id=d70aed97-d001-4e3f-990d-50f9d8e32769
[22] http://www.stronghealth.com/about/hospitals/letter.doc
[23] http://www.13wham.com/news/local/story.aspx?content_id=d70aed97-d001-4e3f-990d-50f9d8e32769
[24] http://www.urmc.rochester.edu/smd/about/newsletterArchive/newsletter12082006.cfm
[25] http://www.urmc.rochester.edu/pr/vitalsigns/march05.cfm

Discussion

A summary of the cases discussed is shown below:

| Case | Amount lost | Cost of data loss | Sensitivity of data lost | Laptop recovered | Budget | Size | Cost of BitLocker |
|---|---|---|---|---|---|---|---|
| Fidelity | 196,000 records | Relatively large: estimated at $35.28 million | Most sensitive (names, addresses, Social Security numbers, dates of birth and other employment-related information) | No | Large: reported revenues of $11.1 billion and net income of $1.3 billion in 2005 | 32,000 employees | $20 million, IT support |
| Nationwide | 11,000,000 records | $1.935 million | Less sensitive (customer names and account numbers) | No | Large: revenue of $3.22 billion and profit of $1.066 billion | 16,644 employees | $10 million, IT support |
| LSU | 750 records | $0 (no loss in business… students are stuck at university) | Sensitive (social security numbers, names, and grades) | No | Small and limited: $758 million from the state for the coming year | Over 1,000 professors | Over $2 million, IT support |
| Highland Hospital | 13,000 records | $0 + loss in patient trust/business | More sensitive (name, contact information, and social security numbers) | Yes | Small and limited: numbers not published | 250 patients | Hard to say – less expensive than LSU, but too much for budget |

A summary of findings from these cases is shown below:

| Case | Effective? | Practical? | Outlook on adopting BitLocker? |
|---|---|---|---|
| Fidelity | Yes | Yes | Favorable |
| Nationwide | Yes | If phased-in | Limitedly favorable |
| LSU | No | No | Unfavorable |
| Highland Hospital | Yes | Only if used on just a few computers | Limitedly unfavorable |

In all cases where the stolen laptop was password-protected, BitLocker would have been an effective means of safeguarding the personal data that was stored on it. With a username/password protecting the data from exposure through means of normal computer usage and BitLocker protecting the data from exposure through reading the data off of another machine, the data was safe from unauthorized access. In cases where the laptop was recovered, BitLocker also would have been helpful in detecting whether the thief did attempt to access the data and in assuring customers that the protected disk withstood the attack.

In assessing the practicality of BitLocker, the budget of the laptop owner was by far the biggest determinant. In both cases of smaller organizations with limited budgets (LSU and Highland Hospital), a full implementation of BitLocker proved to be impossible. Indeed, a laptop owner’s budget is the enable switch on the BitLocker question.

The cost of an individual instance of data loss (and related to this, the amount of data lost) was also an important factor in determining the practicality of BitLocker. This included both financial costs as well as cost in customer trust/satisfaction (and in turn future business). All cases where the cost of the lost records was nonzero also proved to be cases where BitLocker was determined practical to some extent, even if it was limited. Cost also worked the other way: in cases where the cost was smaller than that of a full BitLocker implementation (such as Nationwide), a full BitLocker implementation was determined impractical, and the extent to which it could be implemented was scaled down.

Sensitivity of data had an effect on the practicality assessment as well.
This makes sense: the more sensitive the data was, the more willing that organization would be to make room for it in its budget. Such was the case with Highland Hospital. However, financial issues took precedence over this issue whenever relevant.

The issue of recovery does not have a big effect on whether a company should adopt BitLocker. Because the likelihood of recovering a laptop is really small, this benefit, overall, is not that compelling.

One issue that this data does not address directly is the issue of risk. Because these case studies looked at individual instances of data loss

Conclusions

In summary, BitLocker is effective, but not necessarily practical in all circumstances. In many cases, it proves to be too heavy of an instrument, too costly for the relatively limited problem it seeks to correct. Several of the case studies examined are evidence of this behavior.

Following the data collected in these case studies, we can then make recommendations as to the conditions under which the adoption of BitLocker is desirable. Specifically, an individual or institution should adopt a full implementation of BitLocker under the following circumstances, listed from most important to least important:
• It fits the profile of the cases investigated above – private information is stored on a laptop that is not 100% guaranteed to be safe from theft.
• The owner has enough money to cover the costs of adopting a full BitLocker scheme
• The series of actions that that individual or institution plans to take in the event that the laptop does get stolen costs more than what it would take to adopt BitLocker

If that individual or institution does meet all these requirements, they should only adopt a limited BitLocker scheme (i.e. phase it in), depending on what money is available and how sensitive the data is that they are trying to protect.
This limited adoption of BitLocker could be supplemented by changes in policy that only allow certain employees to download certain types of data, or restrict where laptops can be taken or used.

Of course, this study has its limitations. The method of looking at cases of laptop theft only exposes the limitations of BitLocker within this context. It neglects other limitations, such as:
• BitLocker is not effective if personal data is left unprotected in other places (i.e. on PDAs, external hard drives, paper files)
• BitLocker does not help locate the stolen laptop – this remains lost forever
• BitLocker may encourage carelessness with laptops, because individuals no longer have to worry about data loss

This study also does not consider the effectiveness of other disk encryption solutions relative to BitLocker. This was beyond the scope of this study, but would be an interesting topic for later consideration.

Although it may seem somewhat heavy in some circumstances, BitLocker is an effective solution to data loss in laptop theft that should be given serious consideration when companies are investigating potential solutions to this problem. As technology continues to advance, hardware will become cheaper and this may become more effective for a wider array of laptop owners. In such circumstances, new iterations of this study are necessary, to continue to determine the most effective means of protecting private information in our evolving, ever-more digital world.

Appendix

Technical Specification of BitLocker

[omitted for time’s sake… see presentation for overview]

Interview with individual about laptop theft

I also interviewed one of my friends who had his laptop stolen this semester to see what interesting comparisons I could make between institutions and individuals. I did not have time to complete this analysis, but here is the text of this interview:

1. When/where/how was the laptop stolen? Give a brief account of the crime.
The laptop was stolen in January, from the Lowell Dining Hall. I had left it there between lunch and dinner while I went to work. It was inside my backpack, at the high table; the backpack was entirely closed, with the exception of the cord coming out of it in order to charge the laptop. When I returned for dinner, it was gone; cord, laptop, and all. The backpack was still there, though; someone had opened my backpack and taken the laptop.

2. What were some of your biggest concerns after this happened?
My biggest concern was, of course, the openness of Lowell House. Granted, I never should have left the laptop in the dining hall for an extended period of time, but it seemed appalling to me that someone would actually open my backpack and take my laptop out, in the middle of the dining hall, which is a place that I feel is close to home for me. So, I guess my biggest concern was people coming into Lowell from outside (I still don't believe it was a Lowellian) and invading our space, and especially stealing our things.

3. How costly would you say this incident was? (financial, psychological, etc.) Explain.
It wasn't nearly as costly as it could have been. I had just backed up my laptop, because I was installing Windows Vista on it, so I didn't lose very much information. My mom's insurance actually covered 1/2 of the cost of the laptop, so that was a huge help financially. Psychologically, it kind of just sucked. I still am wary of leaving anything at all of value out in the house, even with people I trust. I think the most telling cost is the reaction I personally have when people ask me to watch things now; it kind of freaks me out, because I always wonder what would happen if, while I was supposed to be watching someone's stuff in the dining hall, it was stolen.

4. What type of data did you have stored on the laptop?
Any personal information (about you or others) that would be useful to a thief (credit card numbers, bank account info, social security numbers, etc.)? How valuable was this data to you?
I had some personal information on the laptop, such as my student ID, etc., but not financial information. Also, to the best of my knowledge, none of this information has ever been used.

5. If you did have sensitive data on the laptop, were you concerned about the security of this data after the laptop was stolen? (In other words, were you ever worried that the thief would log into your computer, grab this data off of it, and use it for identity-theft type purposes?)
I actually wasn't really concerned about it at all, until HUPD asked me about it. Then, I was a tad concerned, but not really after I changed my passwords on my accounts.

6. Was your computer password protected?
Yes.

7. Suppose a product (software or hardware) existed that ensured that the thief would not be able to access the data on your laptop. How much would you be willing to pay for this?
Not really that much; at this point in my life, I don't really keep sensitive data on my computers. Perhaps around $50 or so.