IT Security Tip #11: What to do BEFORE you go to Starbucks with your laptop…
So you’re in the car on the way home from Starbucks, basking in the glow of consuming your triple-shot, low-foam, extra-hot pumpkin-spice latte when you suddenly realize your laptop has gone missing. You drive back like the caffeinated lunatic you are, only to discover no one has turned it in. What do you do? That depends on what precautions you have (or haven’t!) taken.
If your computer is under the active management of someone like Cole Informatics, or you have installed tracking software in advance of the loss, you have a much better chance to get the laptop back. If neither of these are applicable to you, well, you’re probably out of luck. We had a client just two weeks ago recover a stolen laptop months after the fact because our monitoring software alerted us when the criminal got on line with it again. The client recovered the machine and the perp got put in the pokey. It was a good day!
Consider the following and get informed on what’s possible before you find yourself in this situation.
#1 – To protect your data from theft even if you laptop is gone, make sure its encrypted and you have used a strong password on the computer. Encrypted data can’t be read by someone without the decryption process and your strong password is the key to that process.
#2 – Go right now to a website called PreyProject.com. Its free for up to 3 devices, which can include your phone and a computer or two. If your device is ever lost or stolen, this software will provide the means to track it, in real-time, just like a LoJack device on a car. With the information Prey gives you, and with the assistance of police, you’ll very likely get your device back! Installation is simple as well and after its installed, it just runs in the background. It works on any modern computer or smart phone operating system.
#3 – If you’re a business, make sure your computers are managed by someone that installs their management software on each of your computers. Its this software that alerted us that the clients stolen laptop was back in business all of a sudden. We used it to install Prey after the fact while it was in the criminal’s hands…they had no idea we did it!
#4 – For mobile devices, like iPhone and Android phones, if you’re using hosted Exchange or Gmail, you can probably “remote wipe” the email content. It won’t bring your device back, but you can likely prevent sensitive personal or business email stored on it from being read by the bad guy.
But the first thing to do, if you find your device has been taken, whether or not you’ve taken those precautionary measures, is to notify your IT department that you’ve lost your device. That will allow them possibly to change passwords and lock access to applications when the laptop next connects to the internet and “checks in” to the remote management software used by your IT department. It may also be possible to remotely “wipe” or “brick” your device to make sure no one will be able to gain access to the data stored on it. (Which is also why it’s CRITICAL to back up your data continually!)
Next, change ALL the passwords to every website you log in to, starting with any sites that contain financial data or company data. This is where a tool like LastPass or RoboForm will make your computer life so much easier to manage.
If your laptop contained medical records, financial information, or other sensitive data (like social security numbers, birthdays, etc.), or even a customers name and address, then you may need to contact a qualified attorney to understand what regulations you may have just violated and which may require to notification of individuals who may be affected. Losing data can be a very, very big deal.
Quite simply, an ounce of prevention is worth a pound of cure; so make sure you’re engaging someone (we’re a great candidate!) to encrypt and back up your data, as well as put remote monitoring software on all mobile devices. Put a pin-code lock or password requirement to access a device after a few minutes of inactivity, and get into the habit of logging out of websites when you’re done using them. Use a password manager like RoboForm or LastPass or your iCloud Keychain if you do Mac stuff.