What to do When an Employee’s Device is Stolen
With so many people working remotely, personal and company devices have access to a lot of company data. Some even have private business information stored on the device itself.
This scattering of business data opens the company up to some serious security risks. One of the biggest risks comes from device theft. When a device is stolen, it can put personal and company data at risk.
There are a few things you can do to mitigate the damage in case your device is ever stolen, and then there are a few things you need to do in the event that it IS stolen.
3 things NOT to do BEFORE your device is stolen
Don’t leave your device logged in or without a passcode
One of the best ways to secure your company data from the thieves that now have your device is to lock it with a passcode, especially if you are not actively using or looking at the device.
These days it can be so easy to login to your secured device through biometrics like fingerprints or facial recognition. It doesn’t usually take any extra time to get logged in, and the device is infinitely more secure.
Without this simple security measure, the thief could have access to any amount of secured data that you are able to access, including personal bank accounts, client data and more!
Don’t store anything locally
There are so many options for cloud services these days, that storing anything on a device is already a bad idea. Aside from theft, this is a great way to lose data.
Hardware can fail, files can get corrupted, and of course devices can get stolen. Storing an important file in one location on a device is just asking for it to be lost.
Files can be stored in OneDrive if you have a Microsoft 365 subscription, or you can use other types of CRM tools to keep customer and client data safely in the cloud.
The other problem with leaving data on the device itself is when the thief utilizes tools to bypass security passcodes to access the local files. Without local files, this would not be an issue.
Don’t leave it out in the open
This might seem like a no brainer, but people still don’t protect devices when they walk away from them. They run to the bathroom at a coffee shop and leave their laptop and phone right on the table. Or they run into the store and leave their devices right on the passenger seat of their car.
Devices get stolen every day in these seemingly avoidable situations. They are also stolen frequently from purses, back pockets and more. It can be more difficult to access your device when you secure it, but those few extra seconds could save you a big headache in the long run.
3 things to do if your device is stolen
Unfortunately, even when you do everything right, your device could be stolen. When that happens, acting quickly can make all the difference in the world.
Call IT right away
As soon as you realize your device is missing, notify the proper people. There are specific things that can be done to the device to ensure the least damage possible. The longer you wait to tell someone, the harder it will be to mitigate that damage.
Contact your boss, your IT department, your managed IT services provider, or anyone else that can help make sure your device has been secured.
Set alerts for when the device comes online
Depending on the device, and the thief, you may be able to track where it ends up and possibly recover it. This doesn’t often work out, but when it does, it can be a huge life saver.
Most professional technology thieves will wipe the device before it ever has a chance to check in on the internet, but a person committing a crime of opportunity might not be as smart.
There are various types of “lo-jack” programs and devices for computers that can help you track them down in the right circumstances. Managed services providers can typically use the management software to set up an alert to notify them if the machine comes online.
Again, these alerts don’t always work, but make sure to set it up just in case.
Schedule a remote wipe
If the machine does come online, you would want to make sure to wipe the data from the device. This is usually done through management software on the device itself. A command can be created to delete all data from the device if it comes online.
If it never goes online, the criminal likely just wiped the machine themselves to prevent them from being discovered. In either case the company data would be protected from malicious attackers.
Quick action is the most important part of ensuring your company is protected in the event a device is stolen. Don’t hesitate to bring the action to light so it can be dealt with right away.
Eric is the owner and CEO of Protek Support and is a CISSP (Certified Information Systems Security Professional). He graduated from Utah State University with a Bachelors of Science degree in Business with an emphasis in Information Technology (IT). He is an IT Services expert in a variety of technology related fields. Some of these fields include document management software/hardware, enterprise level networking and VoIP phone systems, as well as large scale software implementation projects and the setup of small business networks.