A single lost or stolen laptop costs a business an average of nearly $50,000. At least, that’s the word from an Intel-sponsored study by the Ponemon Institute. That figure is based on Ponemon’s recent voluntary survey of 28 US companies reporting 138 separate cases of missing laptops. The value of a missing laptop was calculated by factoring replacement, data breach cost, loss of productivity, investigation cost, and other variables. The value of a lost laptop to a firm cost an average of $49,246 according to Ponemon. Minimum damage calculated in the survey was about $1,200, and the maximum reported value was just short of a cool $1m. This amount takes into account replacing the laptop, forensics, data breach, legal matters, lost productivity, and consulting expenses.
It is difficult to put a price on lost documents, photos or other media which cannot be recovered once taken. This doesn’t take into consideration employee or employer data. Think about the time you have spent creating the documents and media that was stolen. According to this survey, employees were most likely to lose a laptop while traveling, at the hotel, airport, rental car, or conference. Yet many businesses do not provide security training.
Here are some tips on how to reduce laptop theft and minimize the damage done to the business in the event the laptop does go missing:
Most commonly manufactured laptop computers have a small hole in them called a Kensington Security Slot – this is used with a compatible cable which will let you easily lock a laptop to a piece of furniture. (Just search for ‘Kensington Lock‘ if you want to order a cable.)
Prevent valuable data from falling into the wrong hands by encrypting laptop hard drives. Only validated users with correct passwords can access this data: the data is completely useless gibberish to anyone else otherwise. Microsoft’s BitLocker technology is a feature in Windows 7 and 8 that accomplishes this task simply and transparently. Apple users can use FileVault.
Most companies have automatic security policies that require complex passwords which should be changed every few months, but even if your company doesn’t have this in place (common with fleets of Apple equipment) you should educate the staff about it.
With this technology, all information stays inside the company’s IT perimeter. This setup can be configured so that no business-critical information actually sticks around on the laptop. A user logs into the Remote Desktop Server and performs all of their work on that server using their laptop as a remote terminal.
Many laptops now offer the option of tracking software out of the box; you can still install third-party tracking software (like “lo-jack for laptops”) which will “phone home” if the laptop is stolen. Note that some criminals have caught on to this and will wipe the hard drive before booting the laptop to connect to the Internet, so this type of software may not work unless it is actually built-in to the laptop’s BIOS (firmware/boot up code.)