How To Find a Stolen Laptop

Enterprise Data Security

Your laptop is missing, now what? I know it is frightening to consider the risk, all of your personal information: pictures, videos, facebook, instagram, twitter, email, banking information, tax information, health and medical information. Likely all of your business and company data including confidential or classified customer data is on the machine too. Don’t panic – it is important that you stay calm and follow a plan.

If the laptop is a or connects to company resource(s) you need to notify your manager and the IT department so they can follow company policies for securing appropriate account and data access as well as initiate any remote security actions. Keep in mind that while the physical laptop is valuable its value is minor compared to the value of the data on the device. In most cases the thief will simply sell the hardware or pawn the laptop but if the data on the laptop is easy to get to the thief will take the opportunity to exploit as many opportunities as possible.

If you have DriveStrike installed on the laptop you should immediately issue a Remote Wipe command, note the location of the device and contact the police. Your laptop will report it’s location each time it connects to the internet but once a remote wipe command is received the machine will become unusable and stop reporting information but you will have confirmation that your data is secure. Once you completed the remote wipe you should contact the local law enforcement and file a police report. You can provide the local law enforcement with the details of the machine by reviewing the Device page with DriveStrike where we record serial number information and other critical details like make and model of the device. Let the law enforcement know the last location you remember you had your laptop. We also recommend that you change the password on all of your online accounts immediately with the first priority in resetting passwords as Google, Firefox, Microsoft Edge, and or Internet Explorer. Start with the account that is associated with the browser you most commonly use on that PC. This won’t eliminate the risk or threat of compromise but it will help reduce the risk.

If you did not have DriveStrike installed we are sorry to hear that your PC was stolen. Below are several things to consider as you move forward to protect your data.

1. Do you have user names and passwords saved in your internet browser on the PC?

If you answered yes, immediately go and change the passwords for all of your accounts and implement two factor authentication wherever possible.

The first priority in resetting passwords is Google, Firefox, Microsoft Edge, and or Internet Explorer. Start with the account that is associated with the browser you most commonly use on that PC. This won’t eliminate the risk or threat of compromise but it will help reduce the risk.

2. Do you have any information regarding the PC; make, model, serial number, applications that were installed on the PC?

You should file a police report as soon as possible.

Where was the PC stolen from and around what time? If the PC was stolen from a location that has video cameras you may be able to take your police report to the establishment and ask them to review video footage and see if the thief is captured on video which should help the police in recovering your PC. Generally speaking, the police will not do this leg work for you but if you can track down the information they are obligated to act accordingly.

Start checking local pawn shops near the location the PC was stolen.

Search craigslist and ebay for your make and model to see if the thief is selling your laptop online.

3. Is the PC password protected and how strong of a password did you use?

If this is a Windows machine (I noticed you began signing up for our service last night using a Mac) and unless you enabled UEFI or BIOS preboot authentication security measures it is very easy for marginally tech savvy individuals to bypass standard user security on a PC.

4. Is there any confidential or sensitive information about customers, patients, or the company you work for on the PC?

If this is a company PC or if you access any company systems using this PC – immediately report the issue to your superior, the company IT and compliance teams.

If there is sensitive information about other people on the PC then you may have an obligation to report the stolen PC as a data breach depending on the security measures you implemented prior to the PC being stolen.

5. You should go to your Google, Microsoft, Facebook, Twitter, and other accounts for applications you commonly used on that PC to see if it is logged in to any of those accounts and also look to see if they have captured the location of that user session – you may be able to use that information by providing it to the local law enforcement. Do not use this information to confront the possible thief on your own – that is ill advised.

There are a number of other things to consider but they largely depend on how you answer the questions above. In order for us to remotely wipe or secure the device we will need to install DriveStrike on the missing PC which is very difficult but not impossible if the PC is part of an ActiveDirectory group or if we can entice the thief to install DriveStrike under the guise of a different name.

Please let us know if we can help you further, you can contact our help and support team any time.

DriveStrike is available for less than $1.00 per device per month when protecting multiple devices.

Sign Up Now For a Free 7 Day Trial

About Spearstone

Spearstone, 2008 Digital IQ award recipient for IT Security, is a software development company with enterprise customers that include Wells Fargo, Pearson Learning, Logitech, Spacelabs, Sony and RemedyMD. Spearstone’s DriveStrike product provides data breach protection for computers and smartphones, including remote wipe and mobile device management.