Call (716) 373-4467

Few things invoke instant panic like a missing smartphone or laptop. These devices hold a good part of our lives. This includes files, personal financials, apps, passwords, pictures, videos, and so much more.

Electronics now hold just as much personal information and banking information as your wallet does, probably more. This makes a lost or stolen device a cause for alarm.

It’s often not the device that is the biggest concern. It’s the data on the device and the ability of the device holder to access cloud accounts and websites. The thought of that being in the hands of a criminal is quite scary.

There are approximately 70 million lost smartphones every year. The owners only recover about 7% of them. Workplace theft is all too common. The office is where 52% of stolen devices go missing.

If it’s a work laptop or smartphone that goes missing, even worse. This can mean the company is subject to a data privacy violation. It could also suffer a ransomware attack originating from that stolen device.

In 2020, Lifespan Health System paid a $1,040,000 HIPAA fine. This was due to an unencrypted stolen laptop breach.

The Minutes After the Loss of Your Device Are Critical

The things you do in the minutes after missing a device are critical. This is the case whether it’s a personal or business device. The faster you act, the less chance there is for exposure of sensitive data.

What Types of Information Does Your Device Hold?

When a criminal gets their hands on a smartphone, tablet, or laptop, they have access to a treasure trove. This includes:

  • Documents
  • Photos & videos
  • Access to any logged-in app accounts on the device
  • Passwords stored in a browser
  • Cloud storage access through a syncing account
  • Emails
  • Text messages
  • Multi-factor authentication prompts that come via SMS
  • And more

Steps to Take Immediately After Missing Your Device

As we mentioned, time is of the essence when it comes to a lost mobile device. The faster you act, the more risk you mitigate for a breach of personal or business information.

Here are steps you should take immediately after the device is missing.

Activate a “Lock My Device” Feature

Most mobile devices and laptops will include a “lock my device” feature. It allows for remote activation if you have enabled it. You will also need to enable “location services.” While good thieves may be able to crack a passcode, turning that on immediately can slow them down.

What about “find my device?”

There is usually also a “find my device” feature available in the same setting area. Only use this to try to locate your device if you feel it’s misplaced, but not stolen. You don’t want to end up face to face with criminals!

Report the Device Missing to Your Company If It’s Used for Work

If you use the device for business, notify your company immediately. Even if all you do is get work email on a personal smartphone, it still counts. Many companies use an endpoint device manager. In this case, access to the company network can be immediately revoked.

Reporting your device missing immediately can allow your company to act fast. This can often mitigate the risk of a data breach.

Log Out & Revoke Access to SaaS Tools

Most mobile devices have persistent logins to SaaS tools. SaaS stands for Software as a Service. These are accounts like Microsoft 365, Trello, Salesforce, etc.

Use another device to log into your account through a web application. Then go to the authorized device area of your account settings. Locate the device that’s missing, and log it out of the service. Then, revoke access, if this is an option.

This disconnects the device from your account so the thief can’t gain access.

Log Out & Revoke Access to Cloud Storage

It’s very important to include cloud storage applications when you revoke access. Is your missing device syncing with a cloud storage platform? If so, the criminal can exploit that connection.

They could upload a malware file that infects the entire storage system. They could also reset your device to resell it, and in the process delete files from cloud storage.

Active a “Wipe My Device” Feature

Hopefully, you are backing up all your devices. This ensures you have a copy of all your files in the case of a lost device.

Does it look like the device is not simply misplaced, but rather stolen or lost for good? If so, then you should use a remote “wipe my device” feature if it has been set up. This will wipe the hard drive of data.

How We Can Help

No matter what size company you have, mobile device management is vital. Get in touch with us today at 716-373-4467 x 15 or [email protected] to arrange a quick chat to learn more about your options and how we can help you identify and address any potential security risks.

 

Article used with permission from The Technology Press.

Access Control Administrative Privileges AI AI algorithms AI in Cybersecurity Annual Security Training Anti-Virus Artificial Intelligence Authenticator App Automation Backup and Recovery Backup Redundancy BCDR BEC breach prevention Breach Prevention Platform Breaches business continuity Business Continuity and Disaster Recovery Business Email Compromise Business Email Compromises Business Growth Business Phone System Business Software BYOD Call Directory Channel Futures MSP 501 Cisco Cloud Accounts Cloud Data Backup Cloud Infrastructure Cloud Security Cloud Solutions Compliance Comprehensive Cybersecurity Compromised Credentials Computer Installation computer support Computer Upgrades Conditional Access Credential Theft Cyber Attacks Cyber Criminals Cyber Defenses Cyber Insurance cyber liability insurance Cyber Risk Management Cyberattacks Cyberinsurance cybersecurity Cybersecurity Awareness month Cybersecurity Breach Cybersecurity Culture Cybersecurity Strategy Cybersecurity Training Cybersecurity Webinar Dark Web Dark Web Monitoring Data Backup Data Backup and Recovery Data Backup Solution Data Breach Data Breaches Data Governance Data Loss Data Management Data Privacy Compliance Data Privacy Regulation data protection Data Recovery Data Restoration Data Security deepfake Deepfakes Defense in Depth Denial of Service Device Security Disaster Recover Disaster Recovery DNS Filtering doug wilson employee cybersecurity training Encryption Endpoint Detection and Response Endpoint Protection field technician Foundation Security Gift Card Scams Hackers Hosted VoIP Hybrid work i.t. service provider Identity Theft incident response plan Incident Response Planning Insider Threats Internet Explorer Internet of Things Intrusion Detection Intrusion Prevention IoT Devices IT Budget IT Budgeting IT Compliance IT Infrastructure IT Myths IT Partner IT Policies IT Resource IT Security IT Service Provider IT Services IT Support Juice Jacking Local Admin local admin privileges Lost Devices M365 malware Managed Clients Managed Detection and Response Managed IT Managed IT Provider Managed IT Services managed service provider managed services Manages Services MDR MFA Microsoft Microsoft 356 Microsoft 365 Copilot Microsoft End of Support Microsoft Office Mobile Devices MSP MSP 501 Winner MSP501 Multi-Factor Authentication Network Monitoring Network Security Network Testing Networking New Computer NIST Framework Offboarding Office 365 Outlook Outsourced IT password management Password Manager Password Managers Password Protection password security Passwords Patch Management Patches Patching PC Performance Penetration Testing Personal Data phishing Phishing Attacks PII Proactive Monitoring Processor productivity Professional Tune-Up Public WiFi Push-Bombing RAM Ransomware Ransomware Prevention Recovery point objective Recovery Time Calculator Recovery time objective Remote Monitoring Remote Working repeatbusinesssystems Ring Groups risk assessment Risk Management Risk Tolerance Rock-It VoIP RPO RTO RTO Costs SaaS SaaS Backup Scammers Scams security Security Assessment Security Assessments Security Awareness Training Security Defaults Security Key Security Scans SLAM Method Smart Tech Smishing SMS Social Engineering Social Media Security Software Integration Software-as-a-Service Solid-State Drive Sponsored Google Ads SSD stolen credentials Storage Teams technical support scam technology best practices Technology Budget Technology Infrastructure Technology Management Technology Plan Technology Policies Technology Review Threat Detection Threat Identification Threat Modeling top-performing managed service providers Updates virus VoIP Systems VPN Vulnerabilities Vulnerability Assessment Vulnerability Management Warning Signs Webinar Windows 10 Windows 11 Windows 8.1 Work Computers World Backup Day zero trust policy