Every 60 seconds a laptop is stolen, according to two separate studies by Gartner and Dell.
In those 60-seconds, a stolen laptop probably isn’t the only loss. It’s more than simply replacing the hardware – in the wrong hands, a lost or stolen device could cost a company upwards of $4 million, which is the average cost of a data breach.
The problem is that a password is frequently the only barrier keeping unauthorized users from accessing sensitive corporate data. And, with so many employees using weak or reused passwords, it is only a matter of time before information is comprised. A recent study found a password containing a seven character dictionary word can be cracked in under a millisecond.
The other major issue is that workforces are becoming more mobile. Employees are losing their devices in coffee shops, airports, taxis and other unsecure locations. Contractors, partners and vendors are also losing their devices, which they use to access your company’s network of information. And, there is no way to guarantee that hardware will remain safe and secure, even if companies stress the importance of keeping a watchful eye on corporate devices.
With that in mind, here are four proactive strategies that can help keep organizations secure:
Stop fighting the BYOD movement: The reality is that employees bringing their own devices into the workplace can keep IT teams from becoming overwhelmed with managing company hardware. In an effort to cut costs and scale quickly, companies should allow employees to purchase their own laptops and expense the costs. When issues come up, instead of heading to the IT department for support, employees can contact the manufacturer for help. When used in tandem with a desktop security solution, such as OneLogin Desktop, IT teams can continue to control company-managed accounts.
Stop complicating matters for employees: Employees are exhausted with the constant communication coming from IT teams requiring that they follow some new security protocol. That is, users are suffering from security fatigue, which causes them to ignore important updates to company security features. IT teams are equally tired of having to send these company wide messages, since they frequently go unnoticed.
Even technology can become tiresome to deal with. Products such as single sign-on solutions can contribute to the fatigue, as users are often required to login to their laptop followed by a single sign-on portal and then enter a code texted to their phone. This process can become a burden when done day-in and day-out.
The solution is to introduce security policies and technology that don’t exhuast users. One example could be investing in an endpoint single sign-on solution that removes steps in the authentication process without compromising security. With OneLogin Desktop, for instance, users can login to their laptop and gain access to all applications needed to do their job. There is no third step in the authentication process, which keeps employees from becoming fatigued when following the security protocol.
Kill or be killed: The above strategies cannot stand alone. IT teams need to be proactive about ensuring company data is protected. One way to secure company information is to install an instant kill switch. In the event a laptop is lost or stolen, IT teams can revoke desktop certificate from the device, so that no one can log into the account. This feature ensures a stolen laptop is worthless to cybercriminals since it blocks unauthorized users from accessing corporate apps.
Keep what’s important in one secure location: Through unified access policies, IT teams can manage device and application security policies from one place. This makes the onboarding and offboarding processes run more smoothly, especially when it comes to checking that all ex-employees and contractors are fully offboarded. This is essential considering 13 percent of the time ex-employees are not completely offboarded – leaving corporate devices and apps unsecure to the horrific possibility of a malicious insider.
Without proper safeguards, company data can easily be accessed if an employee laptop goes missing. But with the proper measures in place, companies can get ahead of cybercriminals and be prepared in the case of a lost or stolen device.
This article was originally published on IT Briefcase.