How to Limit Company Exposure When You Lose Your Phone or Laptop
COVID-19 drove conversation on remote work to the fore. A substantially larger number of people are working from home than there was pre-2020. With remote work and telecommuting comes an elevated risk of losing company laptops and phones.
When that occurs, the sensitive data may fall into the hands of bad actors thus potentially exposing you, your employer, coworkers, customers and vendors to fraud, identity theft, extortion, data loss and misrepresentation. You cannot completely prevent laptop or phone loss. It’s important that you have a plan in place to minimize company exposure. These tips can help keep your risks at a minimum.
While it might feel somewhat embarrassing to announce you lost a company laptop or phone, reporting the incident as soon as you realize it has occurred is crucial. Inform your employer, law enforcement, and, if applicable, the mobile provider and building management. There are good reasons.
First, you want as many hands on deck as possible. On your own, it may be hard to think straight or recognize the range of responses at your disposal. Second, every second counts. The quicker you report the loss, the faster countermeasures and damage control can be deployed. Though rare, it is even possible for a lost device to be recovered before it falls into the hands of criminals.
Just because your laptop has gone missing does not necessarily mean the thief was interested in it. Perhaps they grabbed your backpack in the hope of finding cash, cards, watches and jewelry then tossed the bag and the rest of its contents in a bin nearby. This is a rare scenario but acting quickly by scouring the area including bins and pawn shops could help you get the laptop before someone else does.
Another thing you should do with speed is log out of all sessions and change passwords. Many consumer and enterprise applications will give you the option to log off all currently active sessions. This would ensure the thief won’t have access to your profiles if they managed to log into the laptop or phone.
Activate On-Device Security Software
Many portable gadgets are now equipped with remote-activated security tools either from the device manufacturer, operating system developer or the employer. These solutions envisage a scenario where the gadget may be lost and seek to block access as much as possible.
As soon as you are aware of the loss of your laptop or phone, remote activate any on-device security where you can. Such tools would lock the device, wipe out all data, track device location, secretly take pictures of the thief or any combination of these actions. Beware though that seasoned phone and laptop thieves know this could happen and so keep the device offline.
Preempt Fraud and Identity Theft
If the thief accesses your device, they may stumble on company, employee and customer documents and emails. This information could be used to perpetrate fraud and identity theft. You can preempt that by notifying your employer who would then let affected customers and employees know.
The affected parties would in turn contact their banks, credit card issuers and credit reporting agencies to place a flag on their accounts that compels additional verification before any transaction is approved.
Save to the Cloud
Minimizing data loss is a key reason many organizations moved their applications and data to the cloud. Employees access enterprise systems through a browser or a local client which means company data remains on the server. Still, for practical reasons, companies will not completely restrict employees from downloading files to their PCs or phones.
Make a deliberate decision to keep company data on your device thin or nonexistent. Regularly review downloaded files and permanently delete any confidential company files.
Hard Drive Encryption
A tech-savvy thief knows that though they may have difficulty logging into your laptop they can still access the data by removing the hard drive and plugging it into another computer. So just because your laptop requires a login does not mean the information on it is safe.
Just because your laptop requires a login does not mean the information on it is safe
To block hard drive access, you need hard drive encryption. Depending on company policy, you could use the operating system’s own hard disk encryption tool, or a company issued/recommended one. This renders the information in the hard drive useless to the thief.
Working on the go has plenty of benefits for both company and employee. It does introduce fresh challenges in keeping confidential business information secure. These risks grow by orders of magnitude when the laptop or phone falls into the wrong hands.
Device loss may be well planned out such as when a hotel worker steals it from your hotel room. It could also be opportunistic like when you forget it at an airport.
If you or your Orlando area business have lost a company laptop or phone, or would like to apply measures that keep company exposure at a minimum if it happens in future call 407-536-8381 or reach us online.