What are the things you have on your phone? Files, financial details, passwords, photos, videos? All of this and more?
My educated guess is that you would be losing some precious files if you misplaced your phone.
The information they hold is more personal than what's in your wallet. Your digital footprint is very important. This exact reason is why a lost or stolen device a cause for alarm.
Yes, losing the phone is heart breaking, but the worst part is the data on the device and access the device has to cloud accounts and websites. Imagine that being in the hands of a criminal is quite scary.
There are approximately 70 million lost smartphones every year. The owners only recover about 7% of them. Even something like workplace theft is all too common. The office is where 52% of stolen devices go missing.
If it's a work laptop or smartphone that goes missing, that's even worse. This can mean the company is subject to a data privacy violation. It could also suffer a ransomware attack originating from that stolen device.
In 2020, Lifespan Health System paid a $1,040,000 HIPAA fine. This was due to an unencrypted stolen laptop breach.
The Minutes After the Loss of Your Device Are Critical
The things you do in the minutes after missing a device are critical. This is the case whether it’s a personal or business device. The faster you act, the less chance there is for exposure of sensitive data.
What Types of Information Does Your Device Hold?
If/When a criminal gets their hands on your smartphone, tablet, or laptop, they have access to a whole host of information. This includes but is not limited to:
- Documents
- Photos & videos
- Access to any logged-in app accounts on the device
- Passwords stored in a browser
- Cloud storage access through a syncing account
- Emails
- Text messages
- Multi-factor authentication prompts that come via SMS
- And more
Steps to Take Immediately After Missing Your Device
We're not joking when we say time is of the essence when it comes to a lost mobile device. The quicker you act, the lower you're chance of a breach of personal or business information.
Here are steps you should take immediately after the device is missing.
Activate a “Lock My Device” Feature
Most mobile devices and laptops will include a “lock my device” feature. It allows for remote activation if you have enabled it. You will also need to enable “location services.” Good thieves are able to crack a passcode (especially if it's something like 1 2 3 4), turning this on immediately can slow them down.
What about “find my device?”
There is usually also a “find my device” feature available in the same setting area. But beware, only use this to try to locate your device if you feel it’s misplaced, but not stolen. Why? Well you don’t want to end up face to face with criminals do you?
If It's A Company Device, Report It To Them
If you use the device for business, it's wise (and sometimes required) to notify your company immediately. Even if all you do is get work email on a personal smartphone, it still counts. Many companies use an endpoint device manager. If this is the case, access to the company network can be immediately revoked.
Reporting your device missing immediately can allow your company to act fast. This can often mitigate the risk of a data breach. Trust me, you don't want to be responsible for one of those.
Log Out & Revoke Access to SaaS Tools
Most mobile devices have you logged in to SaaS tools. SaaS stands for Software as a Service. These are accounts like Microsoft 365, Trello, ClickUp, Salesforce, etc.
Use another device to log into your account through a web application. Then go to the authorised device area of your account settings. Locate the device that’s missing, and log it out of the service. Then, revoke access, if this is an option.
This disconnects the device from your account so the thief can’t gain access.
Log Out & Revoke Access to Cloud Storage
It’s very important to include cloud storage applications when you revoke access. Is your missing device syncing with a cloud storage platform? If it is, the criminal can (and probably will) exploit that connection.
What they could do is upload a malware file that infects the whole storage system. To make some easy money they could also reset your device to resell it, and in the process delete files from cloud storage.
Using a “Wipe My Device” Feature
The one thing I hope you do is back up all your devices on the regular. This ensures you have a copy of all your files in the case of a lost device.
If you're device has been stolen or lost for good then you should use a remote “wipe my device” feature if it has been set up. This will wipe the hard drive of data.
Need Mobile Device Security Solutions?
No matter what size company you have, mobile device management is vital. Contact us to learn more about our endpoint security solutions. We're based in Mount Isa and Gladstone with technology allowing us to assist people Australia wide.
Article used with permission from The Technology Press.