Terminated Employee – Won’t Return Our Laptop, Now What?

Terminated Employee Has Our Data

The Questions

We receive questions on this topic nearly every day… The questions range from:

Can I wipe a laptop offline?
Can I disable a laptop I don’t have access to?
How do I install Remote Wipe on a lost or stolen computer?
How do I wipe a computer that is shutdown?
Can I install Remote Wipe software on our field employee’s computer without them knowing it?
Can I wipe a computer that doesn’t connect to the internet?

The Stories

And the stories usually sound something like this:

One of our employees was terminated and won’t return our computer. There is a lot of sensitive information we need to protect and need help wiping the data on that computer.

We have heard some frightening stories of employees that quit or were terminated for various reasons and then proceed to use the company data they still have to benefit them or harm, threaten, hold hostage, and or extort their employer in some fashion or another.

The Answers

As a result we wrote this article to answer these questions and give you some options on how to address these types of issues.

First and foremost, it is very difficult to install any software undetected on a device you don’t have access to but not impossible so long as the device connects to a network that you manage a group policy on. In a vast majority of cases it is highly unlikely you will be able to protect a device and data if you did not already install DriveStrike prior to losing access or control of the laptop, macbook, smartphone, tablet, et cetera.

Similarly, if a mobile device is lost or stolen and not connected to the internet it becomes very difficult to destroy the data on that device. With Windows, Android, and Linux we have more control over the feature set and when we can initiate a data destruction sequence. With DriveStrike’s Deadman Switch we initiate a wipe instruction even if the device is not connected to the internet by challenging the user to properly answer a challenge question or connect to the internet. This data protection model ensures remote employees can continue to work and you can protect company data and assets.

As far as wiping a device and the data on it when the device is shutdown, sorry this is not possible. If the device is not powered on at all there is no way to programatically wipe the data. In a powered down scenario you would need to physically destroy the device.

In the event that you find yourself trying to regain access to a mobile device or computer asset that a current or former employee is reluctant to return we suggest you do the following:

Notify the person in email and writing that the mobile device, computer asset, and/or data is company property that must be returned and any copies they may have must be destroyed. Failure to return any and all company assets is a violation of company policy and failure to comply with your request will result in civil and criminal action. Let them know that the company has a zero tolerance policy and any remaining compensation that has not been paid will also be withheld.

As a general rule, we suggest that administrators catalog mobile devices and computers issued to employees and contractors. Administrators should document serial numbers and other identifiers, keeping and maintaining an accurate asset log. HR should require each employee or contractor agree to and sign confidentiality, non-compete, non-disclosure, BYOD MDM remote wipe policy, and sensitive data access agreements that clearly indicate expectations and responsibilities.

If you have additional questions or need help please feel free to contact us directly.

Your Name (required)

Your Email (required)

Subject

Your Message