Last Updated on September 6, 2024 by Sereno Admin
We often think of cybercriminals as evil geniuses working in ‘MI5-style’ control rooms, continually working to uncover weaknesses in the cybersecurity of businesses and individuals internationally.
In reality, it is often not that glamorous. You have likely passed cybercriminals in the street and been none the wiser, particularly the type that are targeting small businesses. They are normal people, and they are opportunistic; always looking for the most efficient way to gain access to your data and make it lucrative. Which is why laptop loss or theft should be taken extremely seriously.
With the rise in back to office working and subsequent ‘after work drinks’ in UK cities, laptop thefts are on the rise. Cybercriminals observe people’s behaviours in these environments and know exactly how to spot and take advantage of opportunities to steal valuable devices.
Consequently, robust cybersecurity measures are crucial, both in personal and professional contexts. In the event of laptop theft or loss, poor laptop security and data protection could lead to cyber-attacks, data breaches, and considerable GDPR or ICO fines.
In this blog, we’ll outline the immediate steps you need to take if your laptop is lost or stolen. Plus, the security precautions your business should take, and how your IT provider should be supporting you in protecting your devices.
If your laptop is lost or stolen – what do you do?
So, you’ve found yourself in the unfortunate situation of losing your laptop, being stolen, or being swiped? Don’t panic! Here are the immediate steps you need to take:
- Wipe your device
Remote wiping enables you to remove all data from your device no matter where you are, particularly in the event of loss or theft. If you are separated from your device, remotely wiping it should be your priority – this will combat against cybercriminals looking to steal or manipulate your data. To find out how to remotely wipe your device, contact your IT partner or internal IT team, they should have measures in place for this.
- Notify the authorities
File a police report, detailing as much as possible about what has occurred. Be aware that you may need a police report for an insurance claim. Also check with your IT company, if its work device, as they may have device tracking abilities to provide to the authorities.
- Alert your bank and credit card providers
Notify necessary banking authorities, personal and corporate. They can advise on the best next steps to protect your finances.
- Change your passwords
If your laptop didn’t have proper security measures in place, like multi-factor authentication, mobile device management and device encryption, it’s imperative you can all your passwords as soon as possible, particularly to important or sensitive accounts.
Because if someone steals your laptop, they can get into your emails and see your info, including passwords for other things. And if they get into your personal stuff, like your password keeper or Google account, they might find more passwords. So, changing passwords quickly can help stop people from getting into your important accounts and data.
When changing your passwords, make sure to use a variety of complex passwords that include a mix of numbers, letters and symbols and no recognisable words. A password manager is a useful tool for creating and storing complex passwords. If you didn’t have proper security measures in place on your device, or if you’ve stored passwords somewhere on your device, it’s imperative you change all passwords as soon as possible.
- Stay vigilant
You know your laptop is missing, but you don’t know where it is. As a final precaution make sure to monitor any unauthorised activity or access to your accounts. If someone tries to log in to your accounts from an unknown location you’ll likely get emailed. If it wasn’t you trying to log in, you’ll then be guided on how to proceed.
Precautionary measures to keep your laptop protected
Well, let’s face it, life is unpredictable, and the chance of losing your laptop is always lurking, whether it’s left behind in a taxi or misplaced at the pub. We’ve all heard stories of staff misplacing their laptops, from juniors to seniors employees. So, what’s the game plan before disaster strikes? And what can be done beforehand to ensure your precious device stays out of harm’s way?
There are plenty of preemptive measures that can be taken to minimise potential damage. Here’s a rundown of some precautionary measures you can implement to safeguard your laptop from the possibility of loss or theft.
- Device encryption – device encryption enables you to transform data on your device into meaningless symbols in the event of loss or theft. In doing so, you render the data useless, meaning that cybercriminals cannot manipulate it or use it maliciously. Note that Mobile Device Management is required for device encryption.
- Complex password policy – implementing a complex password policy makes it more difficult for cyber criminals to decipher your passwords. Complex passwords should be at least 10 characters long with a mix of numbers and symbols and include no recognisable words. A secure password manager can be a simple way to enforce this, and not forget them after.
- Mobile device management (MDM) – MDM enables you to enforce certain rules on corporate devices that will keep them protected in the event of loss or theft. For example, screen lockout that locks the device after a set period of inactivity,password lockout that blocks an account if it experiences too many incorrect login attempts or locking the device down completely. Likewise, Mobile App Management (MAM) can give you similar capabilities for apps.
- Tracking software – Tracking software like ‘Find My Device’ for Windows or ‘Find My Mac’ for Mac can help you locate your device if it is lost or stolen. Having your device returned to you as quickly as possible reduces the chances of anything malicious happening.
- Anti-theft software – there is increasingly more sophisticated anti-theft software on the market that you can install on your device. This includes, smartphone notifications to alert you when your laptop leaves your vicinity, screenshots that can be taken silently to capture the appearance of your laptop thief, and system monitors that can send information like IP address and internet connections to the police.
- Cybersecurity training – rolling out cyber security training companywide is an excellent way to ensure your team knows how to protect their devices and company policy on how to proceed if it’s stolen or lost.
- Backing up your data – utilising cloud computing solutions to store and back all data, folders, files and applications means your team won’t lose access to anything important if their laptop is lost or stolen.
- Other simple best practices – there are other simple ways you can reduce the risk of laptop loss or theft on a day-to-day basis. These should be included in your employee security policy:
- Only store documents and data on devices if needed, otherwise store them in the cloud
- Don’t keep passwords recorded on devices in any way. If employees are concerned about forgetting passwords, use a password manager
- If you don’t have an IT manager or partner to properly manage your company devices, as the bare minimum, turn on device encryption yourself (just make sure not to lose your encryption key!)
Preventative device cyber in action – How it all works
This anecdote outlines how having proper a pre established protocol in place for lost or stolen devices will protect your business and its data. Picture this…
A Business Executive is on the way to an important meeting with a client. When they arrive at the clients’ offices, they realise they’ve left their bag in the Uber. The bag contains their company-issued laptop and mobile phone. Oh no!
Fearing a potential data breach, the Business Executive contacts their designated IT support provider immediately, explaining what’s happened. The IT team has a pre-established protocol in place for such incidents, so they’re able to act quickly. They first wipe both devices remotely, meaning they no longer contain any confidential data. They then report on the incident, proving that the device was encrypted and has been wiped, dispelling any potential data breach accusations.
The IT team then proceeded to the Business Executive a replacement device. Because all their files, data and applications were stored in the cloud, they’re able to access it immediately and get working again with limited disruption.
The prompt and efficient response from the IT provider was possible due to the following precautionary measures that had been implemented by the organisation:
- Mobile Device Management
- Mobile App Management
- Device Encryption
- Cyber Security Training
- Cloud Data Storage
- A Comprehensive IT Security Policy
The crucial role IT providers play in securing your devices
Your IT Support Partner will help you establish a robust IT security plan, that includes preventative measures to minimise damage in the event of device loss or theft. They will be able to advise on the best security measures for your business and how these will work together to combat threats.
When partnering with a reputable IT company, you will likely have one point of contact who will manage and guide you through any potential crises. So, if device loss or theft does occur, it’s critical you and your employees alert this person immediately. Additionally, they will collaborate with you to mitigate against the security issues that come with device loss or theft.
How Can Sereno Help?
Should you or one of your team lose one of their company devices, they should reach out to us immediately. We will take action instantly based on the security controls you have in place. Our friendly team is trained to guide you through the next steps calmly, removing as much stress from the situation as possible.
Specifically, the Sereno team will:
- Make sure you have the right preventative measures in place. Our Cyber Security Packages contain various security measures that are necessary to secure your devices, including encryption, remote wiping and reporting.
- Take action and manage the situation as standard. Plus, if you’ve chosen to implement security measures as part of our Cyber Security Packages, we’ll be better equipped to manage crisis situations.
- Once your devices are secured, we’ll organise new devices to be set up and sent out to the relevant employee. Tools like AutoPilot mean we can get devices built remotely in just one hour, minimising disruption to your productivity.
- When you partner with us, we will do a comprehensive audit of your IT environment. This will enable us to spot any weaknesses in your security and advise accordingly. We’ll then meet with you on an ongoing quarterly basis to ensure you continue to be protected.
- We will provide Remote Management tools as part of our support service. This means that we can work with you to enforce necessary security controls on your devices that will help combat data breaches in crisis scenarios.
- We will help you establish centralised policies that apply to all of your devices. As such, you can be sure that the protection measures in place are enforced and reportable at all times.
For more information on how we can support you in combating security breaches that could arise due to lost or stolen devices, contact us today.