Do you have a policy to deal with lost or stolen equipment?

Blog / Do you have a policy to deal with lost or stolen equipment?

It’s a good idea to have one.

There’s a pretty well-known phrase out there known as Murphy’s Law, and it claims (with often unfortunate accuracy) that anything that can go wrong, will go wrong. It’s a fairly famous colloquialism, but did you know there’s an even grimmer, less well-known colloquial “law,” known as O’Reilly’s Law, which states with equally unfortunate accuracy, that “Murphy was an optimist.”

On the plus side, there is some wisdom in those words if you treat them as proactive warnings instead of a gripe, as they offer a simplified approach to how you deal with your cybersecurity; look at what’s being setup, then ask yourself how it could all go wrong.

Portable devices like laptops, tablets, mobile phones and other smart devices are, well, portable, and thus, can easily be  lost or worse, stolen. Any organization that owns portable smart devices like these should have a plan of action for if or when it happens. Oftentimes, the loss of a device is treated the same way as something large and valuable, like a vehicle. While this is a decent start it fails in two very significant ways.

Computers are usually linked to internal resources.

A laptop or smart device, on the other hand, typically has installed software linked to multiple different resources. If a device  is lost/stolen, a bad actor could potentially gain access to the device, then use it to gain even more access, and so on. This  typically happen if someone steals your car (though now that cars have become smart, even vehicles should be treated as a possible attack).

Computers contain information.

And by that I mean potentially highly-sensitive information, depending on who was using it and for what. Obviously, this information getting stolen along with your hardware is a very bad thing. Some possible solutions to help reduce risk include policies and procedures that address storing sensitive data locally on portable devices. Alternatively, you could make use of  software capable of locking or wiping a device if it goes missing. But in any case, not making a plan for this situation ahead of time could lead to a situation that is difficult or even impossible to resolve.

Having good security isn’t very difficult. but you do need to be able to evaluate risks for situations that haven’t occurred and plan accordingly. You also need to be able to evaluate the situation when things actually go wrong, and use what you learn to improve on existing plans.

If you’d like help adding lost/stolen provisions to your acceptable use policies, or if you’d like assistance preparing remote security software, contact a TRINUS cybersecurity expert today.

This quote of Shakespeare comes from Othello: “I would not put a thief in my mouth to steal my brains.”

 

Courtesy, your friendly neighbourhood cyber-man.

/Partners /Systems /Certifications

TRINUS is proud to partner with industry leaders for both hardware and software who reflect our values of reliability, professionalism and client-focused service.