Data breach is a serious concern that can cause major financial and credibility impacts to a business of any size. Aside from losing valuable data, it can take a company a massive amount of time and effort just to recover from the problem.
Whenever data breach is discussed, most people often consider hacks and malicious attacks as the primary causes. However, it has been shown that a significant number of data breaches are caused by the failure to secure laptop devices.
These shocking facts will demonstrate the importance of keeping laptops secure at all times.
1. A laptop is stolen every 53 seconds
Gartner, a technology research firm, has found that a laptop is stolen every 53 seconds.
Another survey by tech company Kensington concluded that in the lifetime of a laptop, there is a 1 in 10 chance that it will get stolen. Figures have shown that theft often occurs in offices, public transport, airports, restaurants and hotels.
According to Raj Samani, Chief Technology Officer for Intel Security, there is a burgeoning market for stolen laptops. “The goods go to pawn shops or unsuspecting people purchasing electronics from the internet in the majority of cases.”
While these thefts would initially target the physical laptop hardware, it is now very common for the data found in the laptops to be uploaded and sold online.
2. 86 percent of IT practitioners report that someone in their organization has had a laptop lost or stolen, with 56 percent of them reporting that this resulted in data breach
With laptop loss and laptop theft being such common occurrences in companies and business organizations, it is no surprise that almost half of these thefts have resulted in a data breach.
Compared to hacking a secure network, it is much easier to download information from an unencrypted or unprotected laptop. This is a reality a lot of business owners and IT professionals fail to realize.
Most companies would secure their office networks with sophisticated software. However, one practice that is often overlooked is controlling how employees secure the information stored in their laptops.
Storing confidential documents, client, and financial information on laptop hard drives is a common practice of most executives. These files are often openly available to access and are not encrypted as most employees would disengage security or encryption software for convenience purposes.
When a laptop is then compromised, it becomes a breeze for anyone to access these files.
One way to avoid this issue is to instead use one or more of the best free laptop cloud storage options. This avoids important documents and data being stored on a laptop hard drive, and also means they can be accessed from any laptop, anywhere. Just remember to log out after every session, and don’t store the login details.
3. 65 percent of business managers record their password on a private document such as a post-it note or share it with other individuals
Having a strong password has been proven time and again as an effective deterrent for cybercriminals.
Companies with strong IT security policies would even require their employees to change their passwords every 30 days. This makes it more difficult for outsiders to access protected information and multiple password failure can even be a way to alert the IT team of a potential threat.
Although these practices are commendable, they become irrelevant especially if the user is leaving physical clues that makes their password vulnerable to these threats.
In the same Kensington survey, it has been shown that a majority of the business managers in the study admitted that they record their passwords on documents such as post-it notes or share it with other individuals. This is usually done to serve as a reminder in case the password is forgotten.
However, leaving around pieces of paper with the laptop password written on it is a sure-fire way to attract data breach.
4. 52 percent of business managers sometimes or often leave their laptop with a stranger when travelling
Most employees, especially managers who travel a lot for work own a laptop. During business trips, it is typical for these employees to bring along laptops with them to work during these periods. Critical company information, documents and data are usually stored on these laptops for access outside of the office.
However, carrying a laptop at all times can be inconvenient especially during networking events, when going to the washroom or while at the airport. This forces laptop owners to leave their laptops and entrust it in the care of the concierge, restaurant employees or an airplane seatmate.
The Kensington survey verified this occurrence. It found that more than half of business managers they surveyed admitted that they would sometimes or often entrust their laptops in the care of strangers. This practice makes laptops very vulnerable to loss and theft.
5. 45 percent of healthcare information breaches occur on stolen laptops
The consequences of healthcare information breaches can be severe. This can cause medical identity theft, unauthorized access, insurance fraud and other serious problems that can be expensive and stressful to resolve.
One disturbing finding is that almost half of these costly healthcare breaches occur on stolen laptops.
The University of Michigan’s Michigan Medicine announced that the theft of an employee’s laptop that occurred on June 3, 2018 could have exposed health information of about 870 people.
The laptop was reportedly stolen when the employee’s car was broken into and the bag containing his laptop was taken. The report confirmed that data stored on the laptop varied based on research studies, but could have included patient names, birthdates, medical record number, gender, race, diagnosis and other treatment-related information.
This is only one of the numerous healthcare breaches that was caused by laptop theft. Other similar cases exposed data involving millions of people.
6. 5 Million: The number of medical patients’ data compromised in a single case of a stolen laptop
A misconception about losing a laptop or it being stolen is that the issue only affects the owner or the organization it belongs to.
However, due to the data stored on these portable devices, damages often go beyond the associated costs and potential fines in managing a data breach. It can affect more people and cause irreparable damage. In fact, one single laptop theft can potentially compromise data of millions of people.
One notable case occurred in February 2016 when a laptop was stolen from a Washington State federal building. The information stored in the laptop contained sensitive data on close to 5 million medical patients. This prompted the U.S. Department of Health and Human Services to reveal the extent of the damage.
7. The average total cost to a business from a single laptop loss is US $47,000
Statistics show that the average company loss due to the theft of just one laptop is more than US $47,000. This includes replacement of the laptop, downtime, and support and management time.
However, aside from this cost, companies who suffer from extensive data breach that involves sensitive third-party information such as healthcare companies can be financially damaging.
An example of this occurred in 2012 with the Cancer Care Group data breach. A thief stole a laptop which contained personally identifiable information including names, addresses, date of birth, social security numbers, and insurance information for 55,000 current and former patients.
The breach cost the Cancer Care Group $750,000 as it had to settle potential violations of the Health Insurance Portability and Accountability Act of 1996.
Also, in November 2012, EMC and Hartford Hospital were ordered to pay $90,000 when an unencrypted laptop was stolen from an EMC employee’s home. The laptop contained protected health information and data on nearly 9,000 people.
Applying Safeguarding Techniques
The extent of the potential consequences and damage that weak laptop security can cause are huge. It becomes more critical for organizations to ensure that they employ best security practices, and educate their employees on how to avoid and combat data breach in cases of laptop loss. Implementing simple yet effective security measures such as data encryption and remote-wiping can potentially safeguard important information from malicious access.