Lost and Stolen Devices: A Gateway to Data Breaches and Leaks

By implementing strong security practices, organizations can significantly reduce the risks associated with lost and stolen computers and safeguard their sensitive information.

Protecting Lost and Stolen Laptops

In our digital age, data is king. It drives businesses, informs decision-making, and plays an essential role in our everyday lives. However, with the convenience of technology comes the risk of data breaches and leaks.

One often overlooked aspect of this risk is the role that lost and stolen computers play in compromising sensitive information. According to Forrester Research’s 2023 State of Data Security report, only 7% of security decision makers are concerned about a lost or stolen asset causing a breach, even though such incidents account for 17% of breaches. Such assets can include smartphones, tablets, laptops, external hard drives, and USB flash drives.

While these types of breaches may not command the same attention-grabbing headlines as major cyberattacks, the theft or loss of laptops, desktops, and flash drives poses a very real problem. It underscores the pressing need for endpoint resilience and recovery.

The Rising Threat

Lost and stolen computers are a growing concern for individuals and organizations alike. The portability and value of modern laptops and smartphones make them attractive targets for thieves. When a computer is lost or stolen, the data it contains becomes vulnerable to unauthorized access. Despite substantial investments in endpoint security controls, devices are often not as secure as organizations would hope. This vulnerability has led to numerous high-profile data breaches over the years.

The threats that arise from lost or stolen devices are as follows:

  • Unauthorized Access: When a computer falls into the wrong hands, unauthorized access to sensitive data becomes a real threat. Even if the device is password-protected, threat actors can employ various techniques to bypass security measures and gain access to files, emails, and other confidential information. This access can lead to data breaches, identity theft, and financial loss.
  • Lack of Encryption: Many users fail to encrypt their data, leaving it exposed in the event of theft or loss. Encryption is a crucial security measure that renders data unreadable without the appropriate decryption key. Without encryption, thieves can easily access and misuse sensitive data, putting both individuals and organizations at risk. Having encryption enabled is often a legally required control, and not being able to prove its efficacy can expose an organization to liability.
  • Physical Access to Networks: In some cases, lost or stolen computers are used as a means to gain physical access to corporate networks. If an employee’s laptop is stolen, and it contains access credentials or VPN configurations, the thief may use this information to infiltrate the organization’s network. Once inside, they can carry out malicious activities, steal more data, and potentially compromise the entire network’s security.

Mitigating the Risk

To prevent lost and stolen computers from contributing to data breaches and leaks, organizations should implement the following strategies:

  • Train Your Employees: Educate employees about the importance of safeguarding their devices and data. Provide training on secure practices, such as avoiding leaving devices unattended in public places.
  • Establish Geolocation and Geofencing: Track and locate all your enrolled devices, on and off your corporate network, by enabling “find my device” or other device-tracking features to locate idle, lost, or stolen endpoints. Define geofences to detect unauthorized device movement and be alerted when a device crosses an established boundary.
  • Implement Endpoint Data Discovery: Scan for sensitive data (e.g., PII, PHI, company IP) across your device fleet and identify devices that are syncing sensitive files with cloud storage services.
  • Apply Endpoint Data Encryption: Ensure that all sensitive data is encrypted, both on the device and during transmission. Encryption provides an additional layer of security that can deter unauthorized access.
  • Leverage Automated Security Control Assessment: Monitor the health of mission-critical security controls (e.g., anti-virus, anti-malware, encryption) and automatically repair and/or re-install unhealthy apps to restore them to normal operation. Report on encryption and anti-virus/malware status across your device population, tracking the evolution of encryption status over time.
  • Freeze At-Risk Devices: Remotely freeze devices when threats have been detected, reducing the risk of unauthorized access.
  • Delete At-Risk Data: Selectively delete files on any device from anywhere and remotely perform an end-of-life device wipe in accordance with NIST 800-88, with a compliance certificate.
  • Enforce Strong Authentication: At minimum, enforce strong password policies and multi-factor authentication (MFA) to prevent unauthorized access to devices and accounts. Consider transitioning to a modern remote access methodology that reduces the dependency on usernames and passwords by implementing a Security Service Edge (SSE) paradigm.
  • Ensure Secure Storage: Encourage users to store sensitive data in secure cloud storage solutions rather than on local devices. Cloud services often offer enhanced security features and backup options.
  • Streamline Device Reclamation: Recover all corporate-owned IT assets before redeploying, reselling, or recycling them.
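
To make the geofencing, control-assessment, and freeze items above concrete, here is an added example (not from the article or any vendor's product) that triages device check-ins against a circular geofence and their encryption status. The record fields, the geofence, the seven-day silence threshold, and the sample fleet are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from math import asin, cos, radians, sin, sqrt

EARTH_RADIUS_KM = 6371.0

@dataclass
class CheckIn:  # hypothetical inventory record, not a real product schema
    device_id: str
    lat: float
    lon: float
    encrypted: bool
    last_seen: datetime

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two coordinates, in kilometres."""
    dlat, dlon = radians(lat2 - lat1), radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(radians(lat1)) * cos(radians(lat2)) * sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_KM * asin(sqrt(a))

def triage(checkins, fence, now, max_silence=timedelta(days=7)):
    """Map device_id -> (action, reasons). Freeze only when a device is both
    outside the fence and unencrypted; any single finding means investigate."""
    center_lat, center_lon, radius_km = fence
    result = {}
    for c in checkins:
        reasons = []
        if haversine_km(c.lat, c.lon, center_lat, center_lon) > radius_km:
            reasons.append("outside_geofence")
        if not c.encrypted:
            reasons.append("unencrypted")
        if now - c.last_seen > max_silence:
            reasons.append("silent")
        if "outside_geofence" in reasons and "unencrypted" in reasons:
            action = "freeze"
        else:
            action = "investigate" if reasons else "ok"
        result[c.device_id] = (action, reasons)
    return result

# Constructed sample data: fence is (centre lat, centre lon, radius in km).
NOW = datetime(2024, 1, 15, 12, 0, tzinfo=timezone.utc)
FENCE = (40.7128, -74.0060, 50.0)
SAMPLE = [
    CheckIn("LT-001", 40.73, -73.99, True, NOW - timedelta(hours=2)),
    CheckIn("LT-002", 34.05, -118.24, False, NOW - timedelta(hours=5)),
    CheckIn("LT-003", 40.70, -74.01, True, NOW - timedelta(days=12)),
    CheckIn("LT-004", 41.88, -87.63, True, NOW - timedelta(days=1)),
]

if __name__ == "__main__":
    for dev, (action, reasons) in triage(SAMPLE, FENCE, NOW).items():
        print(dev, action, ",".join(reasons) or "-")
```

The freeze rule here is deliberately narrow; an organization would tune which combinations of findings trigger a remote freeze versus a ticket for follow-up.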

Conclusion

The threat of lost and stolen computers contributing to data breaches and leaks is a serious concern in our digital world. The potential consequences, from financial losses to damage to an organization’s reputation, make it imperative for individuals and businesses to take proactive measures to protect their data. By implementing strong security practices, including encryption, remote freeze capabilities, and employee education, organizations can significantly reduce the risks associated with lost and stolen computers and safeguard their sensitive information.

Written By

Dr. Torsten George is an internationally recognized IT security expert, author, and speaker with nearly 30 years of experience in the global IT security community. He regularly provides commentary and publishes articles on data breaches, insider threats, compliance frameworks, and IT security best practices. He is also the co-author of the Zero Trust Privilege for Dummies book. Torsten has held executive level positions with Absolute Software, Centrify (now Delinea), RiskSense (acquired by Ivanti), RiskVision (acquired by Resolver, Inc.), ActivIdentity (acquired by HID® Global), Digital Link, and Everdream Corporation (acquired by Dell).
