4 Steps to Avoid the Damage Caused by a Lost or Stolen Laptop
Employees will inevitably need to carry their laptops on public transport at some point, particularly employees who must travel frequently and need to be continually communicating with their offices. Indeed, laptops are a commuter’s best friend – they have the same capacity and software as many desktops, so employees can take their workplace with them wherever they go.
So, if you can practically run a whole business from a laptop, what happens if it gets stolen on public transport whilst commuting? If the laptop contains sensitive personal information, you are in breach of Principle 7 of the Data Protection Act and face business-crippling fines. In fact, from May 2018 when the General Data Protection Regulation (GDPR) comes into force, the current £500,000 cap will be replaced with penalties of up to 4% company-wide annual turnover. These fines can be fatal for businesses, so it is vital that steps are taken to avoid laptop theft on public transport.
Ensure that sensitive/confidential data is protected
You don’t want sensitive information getting into the wrong hands. Protect the data before doing any travelling:
- Your laptop and USB should be password-protected to avoid hackers gaining unauthorised access to your business applications. A strong password should be long and varied, including uppercase and lowercase letters, numbers and symbols. Use different passwords for different applications and make it mandatory for employees to change their passwords every six weeks
- Encrypt individual documents which contain sensitive information
- Backup the data stored on your laptop to limit the impact of losing it
- Minimise the data stored on the laptop. The upcoming GDPR requires that individuals have ‘the right to be forgotten’, so having a retention schedule and organising an information audit will ensure that you are not keeping information for longer than is necessary
- Invest in software to remotely lock your laptop and wipe data on your laptop if stolen.
Be vigilant and take precautions when travelling
It is important to be aware of low-tech methods of information theft, such as bag snatching and ‘over the shoulder’ reading on public transport. Be careful and vigilant:
- Your laptop should always be in sight; never leave it unattended or resting by your feet – thieves are constantly looking for opportunities to steal, so don’t make it easy for them
- Choose an inconspicuous case to carry your laptop, rather than an expensive-looking bag
- Invest in a laptop privacy screen to avoid ‘over the shoulder’ reading.
Employees should be aware that the laptop (and the data stored on that laptop) is their responsibility, so they will be held accountable for any data loss. They should be well-informed:
- Ask all employees to read and sign the data protection policy, outlining the employees’ responsibility for the laptop
- Consider an ongoing security awareness program, including continuous training, communication and reinforcement
- Appoint a data protection officer; employees should tell them if they have had a laptop stolen or lost, and they would then inform the ICO within 72 hours.
Monitor your IT/media with a monthly audit
With an increasing number of employees being assigned a personal laptop, it is important that these are tracked. Businesses can use ActiveWeb, an online records management platform, to view a full inventory of IT equipment and track the laptops that are given to their employees. All IT can be individually barcoded so that a monthly IT audit can be carried out.
Protecting your data, being vigilant on public transport, sharing a clear data protection policy with your employees and running monthly IT audits are some vital steps to take to protect your IT/media.
Thank you for reading our blog. Within this blog, we have shared our personal thoughts and opinions about the subject. Always seek legal advice before taking any action.