While the process of finding the right law enforcement official to respond to a theft may take some legwork, most police departments and federal agencies are responding more aggressively to the reports, according to Ben Haidri, vice president of business development for Absolute Software, which markets the LoJack brand of laptop tracking tools.įor its part, Absolute Software, based in Vancouver, British Columbia, operates a “recovery team” of former law enforcement workers whose specific job is facilitating interactions with local police departments in the name of tracking down stolen devices. Next Page: Law enforcement is getting more responsive. Other experts agree that calling the cops is one of the first things IT managers should do after a laptop theft, regardless of fears that word of a potential data loss could become public as a result of filing such claims. In addition to the added support in finding the missing device, bringing law enforcement into the picture transfers some of the burden of recovering the machine from the affected company over to police, Firstbrook said. One of the best things a company can do to respond to a laptop theft is to get in touch with the appropriate law enforcement officials as quickly as possible, the analyst said. “In this type of scenario businesses need to ask themselves if they treat their customer records the same way they treat money, and if they respond the same way to losing 100,000 files as they would to losing $100,000.” zimages/4/28571.gif Click here to find out how not to get fired for losing your laptop. “If a company makes a mistake, they need to admit it right away and let people know, so they can try to solve any related problems trying to wait it out has proven to only make matters worse,” said Firstbrook. Just as in Fidelitys case, where security policies were circumvented for the purpose of facilitating a specific meeting, companies are often their own worst enemies in terms of allowing workers to ignore existing security guidelines in the name of getting business done.īased on that reality, said Peter Firstbrook, an analyst with Gartner, in Stamford, Conn., enterprises must be ready to deal with the work that needs to be done to respond to and minimize dangerous information leakage from laptop thefts. Some would say that Fidelitys efforts might seem like “too little, too late,” at least in the case of the affected HP workers, but experts warn that many companies may not be as well protected from the threat of stolen devices as they may initially think. “We already had strict measures in place and its not our practice to have that level of data on a laptop, but it had been allowed for the purpose of a particular business meeting.” “Its an ongoing process for everyone weve accelerated the process of encrypting data on laptops and expanded information security training for all our employees,” said Anne Crowley, a Fidelity spokesperson.
In Boston-based Fidelitys case, a laptop containing the information of 200,000 employees at customer Hewlett-Packard was taken from an employees car outside a California restaurant in March.Ĭompany representatives said the firm has already escalated its work to improve equipment and data-handling policies in the aftermath of the public relations disaster. Navy to financial services giant Fidelity Investments reporting incidents in the last six months alone.Įxperts say the manner in which companies respond to such incidents, and the strategies they employ to improve their device security, will determine the impact that stolen laptops will have in putting affected companies information at risk. Its the call that no IT manager wants to receive, but one thats clearly ringing bells across the world of enterprise security: An employees laptop computer has been stolen, and it may contain sensitive data.Īs a spate of recent incidents make clear, laptop computer thefts and the related data exposure are a serious issue, with organizations ranging from the U.S.