Traveling Technology

Protus3Mobile Forensics, News, Theft, Embezzlement, and Fraud

While traveling on company business, Bob uses a laptop containing company information. When he returned after his last visit, his laptop could not be found. He remembers using it in the airport, but he does not know where the laptop is now. What would you do?

Your first thought may be “fire Bob,” however, the most effective way to address this problem is to take action before Bob leaves for his trip.

  • First, develop company policies on the proper security procedures when using company laptops, PDAs (Blackberry or iPhone), or portable drives (jump drives, thumb drives, USB drives).
  • Train all employees on these procedures and provide refresher training and updates when needed.
  • Limit the amount of sensitive information on the hard drive or device, and do not create or keep any “password” files listing usernames and passwords.
  • Keep in mind that all information accessed by the device will be stored locally in some fashion, so clean out cache and temp files on a frequent and regular basis.
  • Always carry the laptop in the same fashion in the same bag in the same place every time so you will be less likely to accidentally lose it.
  • Do not carry a laptop without the benefit of a bag or a case where it can be seen as an easy target by a thief.
  • Most airlines now have rules prohibiting placing the laptop in the back pocket of the seat in front of you, and storing the laptop in the overhead bins means it will be out of your control and could be out of the plane by the time you realize it is missing, especially if you are in the window seat.
  • Be cautious of people intentionally or unintentionally reading over your shoulder.
  • Consider disabling the caching of emails from the company email account on the laptop because if the laptop is lost or stolen, all emails will be lost available on the laptop.
  • If traveling employees share a laptop, delete the user account from the laptop when it is returned and use software to wipe all unused areas of the hard drive.
  • Any laptop used by an employee should have corporate antivirus software installed and updated on a regular basis.
  • The IT department or staff should review, update, and monitor any computer used for company business on a regular basis.

After the loss is determined, immediately contact the last known location to determine if the laptop has been recovered. Even if the laptop can be located, once the loss is reported it should be determined, in an interview with the employee, what was on the laptop. Any password typed into a program, Internet Explorer, virtual private network (VPN), or Remote Desktop connection can be collected from the stolen computer. All passwords on any account used on the laptop should be changed immediately, network wide. It may even be necessary to temporarily disable the account of any person who used the laptop while assessing the magnitude of the potential loss. In addition, all employees who have ever used the laptop should be notified in case they used the computer to access the company network or personal accounts such as email and online banking. Depending the on the type of business conducted from the laptop, it may be necessary to notify customers.

Plan. Protect. Prosper.

Protus3 specializes in security system design, security consulting, corporate investigations and other investigative services. Partner with Protus3 and we will examine each situation to identify threats and develop solutions for your best outcome.

919-834-8584 or 800-775-8584