FBI Loses 160 Laptops: Lessons to Learn

John Livingston Absolute Software CEOUnfortunately, no individual or group is immune to laptop theft. In today’s mobile world, computer theft is commonplace. Many organizations are grappling with how to secure and accurately track laptop computers. The FBI is no exception.

According to a recent report from the U.S. Department of Justice (DOJ), the FBI lost 160 laptops and 160 weapons in a 44-month period ending in September of 2005. The report was a follow-up from a 2002 audit that identified 354 weapons and 317 laptop computers as lost, missing, or stolen from the FBI in a 28-month review period. Unfortunately the FBI had no way of determining if the missing laptop computers even contained sensitive or classified information and certainly no way to know if it had been accessed.

Although the new report shows a significant decline in the number of lost or stolen computers and weapons, the fact remains that even one missing laptop can be catastrophic for an organization. This is why a layered approach to mobile data security is critical today.

CPR: Compliance, Protection & Recovery

While cable locks can help deter theft, and encrypted laptops can help prevent data compromise, single point security solutions cannot adequately protect organizations from all points of attack. This is why we recommend a multifaceted or layered approach to mobile security and data protection including compliance, protection and recovery (CPR):
“Compliance ” An accurate, real-time inventory of mobile computing assets helps organizations comply with data privacy and protection regulations
“Protection ” Protecting data on mobile computers requires encryption, strong authentication and the ability to remotely delete sensitive data on stolen devices post theft
“Recovery ” Recovering lost or stolen computers ensures the computer and data’s return to the rightful owner, and facilitates criminal prosecution as required

CPR for laptops can serve as the basis of an organization’s mobile data protection security strategy. Here are some concrete steps you can take right now to prevent losses and mitigate the risk of data exposure:

Ten Tips for Mobile Computing Security

1. Use visual deterrents -such as cable locks
2. Use a “real time” asset tracking system to notify you when a computer goes missing
3. Use computer theft recovery (LoJack type) software to recover your stolen laptop
4. Keep laptops locked up and out of plain sight
5. Don’t advertise your laptop by carrying it in a laptop bag
6. Install anti-virus software, encryption solutions, anti-spyware and firewalls
7. Back-up valuable data on a scheduled basis
8. Invest in post-theft remote data deletion solutions
9. Create and enforce rules on how information is stored, accessed and transported
10. Create a contingency plan by identify the resulting damage to the enterprise in the event of a potential breach and develop protocols to mitigate risk

Be Diligent, Stay Safe

Although the FBI has strengthened its policies on reporting lost or stolen weapons and laptop computers, data protection and theft prevention policies are only effective if they are executed and followed diligently.

The loss of a single computer or a single security breach can be damaging to an individual as well as a corporation. Millions of people worldwide have had their data compromised by laptop thefts. Only a multi-layered approach to laptop security provides the best overall protection, from proactive data and computer security measures to post-theft data deletion and computer theft recovery. Finally, we wish you all the best with the implementation of your multi-layered mobile computing security plan.

John Livingston is CEO of Absolute Software, a company that offers Computer Theft Recovery, Data Protection and Secure Asset Tracking solutions. The company makes Computrace LoJack for Laptops, which comes pre-installed on select notebooks and is available as a standalone product.

Related Posts