What’s your plan for when a device is lost or stolen?

For any business that has been trading for a few years, theft or loss of a computer/phone/tablet is inevitable.
How your business responds to these situations is crucial. Have you got a plan and procedures in place to protect your staff and business?

Recently one of our clients (an Accounting Firm) found themselves in this unfortunate situation. One of firm’s employees lost their laptop whilst traveling home from work via public transport.
The staff member quickly and diligently retraced their steps, searched high and low for the device, checked in with train station staff but alas no luck in finding it.

Fortunately, they then followed Runtime’s ‘Missing/lost device response plan’ and rang through to our support team, explained the situation and asked for what needed to be done next.
Our team followed our internal processes and asked the required questions:

• Where did you last have the device?
• Have you retraced your steps to find the device?
• Were there any personal identifiers in the carry bag?
• Have you reported the item as lost to your manager?
• Have you reported the device as lost/stolen to Victorian Police?
• Have you reported the item as lost to the office/venue’s reception team?
• For security/privacy reasons, are you ok if we initiate a remote erase of the device?

Due to the nature of the Accounting industry and how much private information about clients a device has access to, we needed to act quickly to avoid any potential privacy issues.

Our staff emailed & called the manager in charge, advising the best course of action and requested approval to initiate a remote erase.
Once approval was provided, we were able to remotely erase the device. We then went about re-securing the affected users accounts by:

• Signing out all current Microsoft 365 sessions
• Resetting the users Microsoft 365 password
• Check for any new logins on Microsoft 365 and check for any email forwarders put in place.
• Having the user reset their passwords to Xero, their accounting software suite, internet banking password and other relevant accounts.

Fortunately, all our clients are required to run Bitlocker or some form of drive encryption on their devices, and coupled with a quality response plan the risk of having data leak into the wrong hands are mitigated as best possible.

How can this situation help your business?
Here are the learnings and take aways…

• Have a plan in place for what to do and ensure your staff understand.
• Ensure all devices are backed up, or data is stored in a cloud environment.
• Act quickly. It is better to act fast and erase a device than risk a privacy breach.
• Always use drive encryption on devices where possible.
• Ensure your business has a quality password policy in place.
• Always use MFA on any online accounts.
• Speak to your IT provider and ensure you have the ability to remotely track/erase devices.
• Have an identifier sticker on the bottom of devices “If found please call xxyy. Reward available” It is important not to provide too much information on these stickers – no need for a company name, just a contact number.

As always, if you have any questions then give the team at Runtime IT a call. See how we can help your business stay secure.