Don’t Let Your Employees’ Equipment Be Left Unattended
Louie Yao, Senior Global Product Manager, Kensington
Healthcare compliance, government and national security, legal and financial data security, and more industries are hyper-sensitive, and rightly so, about keeping their data safe. With an abundance of data stored on unsecured servers and sitting behind public storefront windows, corporate data hacks and device thefts have been and will continue to be devastating for businesses across a wide range of sectors. The cost of replacing a laptop is rarely the principal cost incurred after a theft. It’s not just the device, it’s the data.
More IT theft takes place in the workplace than many realize. A survey conducted last year revealed that 23% of respondents had experienced IT theft in the office – almost as high as theft in cars or other forms of transportation (25%) and more than in airports or hotels (15%) or restaurants (12%).
Confidential data leaked from a company device can expose an entire enterprise, costing the company contacts, intellectual property and even clients. A security breach of this nature can scare shareholders, potential investors and customers, all while disrupting workflow and decreasing productivity when employees are without their laptops when lost or stolen. Not only are employees unable to perform business tasks, causing a bottleneck in the business operation, the IT team has to spend valuable resources and time to replace the missing laptops, back up and rebuild files, and investigate the crime – all having a serious impact on productivity.
In this era of big data and the Internet of Things, companies cannot afford to overlook the value of physical security for data protection. After all, 97% of the stolen laptops are never recovered.
The First Line of Defense: Physical Locks
Cyber security cannot stop devices — and the data inside them — from being stolen from work and employee environments. But something as simple as a trusted physical security solution can prevent these nightmare scenarios from coming true. As a theft deterrent alone, a device lock is worth the initial cost. Quality physical locks not only discourage attempts, but also provide lasting peace of mind by preventing device loss that can cost your company thousands or even millions of dollars. Our research shows that a well implemented security policy would reduce laptop theft by 85%.
You might ask, aren’t physical locks a waste of money – my employees won’t use them? Like all elements of a good security policy, proper use is fundamental. Therefore, the right lock should be easy to implement as to not significantly affect the way employees and IT staff operate day to day. 61% of businesses now protect their endpoints with anti-malware and antivirus protection. While this is an important part of an organization’s security policy, it is not a comprehensive solution. Businesses should make physical device security a top priority when developing security policies. To ensure employees take advantage of these features and to protect business from potential security loop holes, organizations can make device locks a mandatory part of their security policy.
Another question you may have is, why does my company need physical locks when all our laptops are encrypted and our facility is secure? Physical security is the first line of defense in a comprehensive security policy is analogous to locking a car even though it has an alarm. Preventing theft in the first place alleviates the cost of filing claims and replacing and redeploying stolen laptops. For instance, a disgruntled employee with high-level server access could easily expose or compromise confidential data for future financial gain through an unsecured company device. Cost comes in many forms and is often much greater than the loss of the hardware itself. Between backing up and rebuilding files, time spent investigating the crime and the overall interference with employee productivity, the resulting financial loss after a device theft can be devastating. Though device theft is pervasive, dependable device locks make these instances easily preventable.
The Challenge of Protecting Multiple Devices Across Heterogeneous Environments
Rarely does a business look to secure one
device or have a policy that is for one device and not the whole company. It’s often an entire fleet. With so much at stake — hardware, and the often-expensive software and the valuable data inside — physical security is an important investment with many considerations, one of which is, how do you lock down multiple devices in what is often a heterogeneous environment? Convertible laptops, 2 in 1 machines, hard drives and monitors, desktop sets, POS devices, printers, projectors and more can prove to be a daunting challenge for the IT manager responsible for protecting these heterogeneous environments.
One approach toward protecting laptops and other mobile devices, is to require employees to take their equipment home with them, rather than leaving them at the office. The risk associated with this approach is that employees may forget to bring their devices with them when they leave work, or worse yet, could lose them or have them stolen outside the office environment. This only causes more headaches for the IT managers. In other environments, such as education, it should be required that equipment remain on campus, in which case the issue comes back to the challenge of protecting multiple devices in a heterogeneous setting.
Fortunately, advanced security options are available to IT managers looking for physical security solutions that are easy and optimized for all devices, while offering strong levels of protection. Different industries have different requirements and should consider custom keying solutions that allow an appropriate administrative level of IT control over equipment, while helping employees safeguard against theft and avoid downtime due to misplaced keys.
Custom solutions may include master key, supervisor/single key and like key locking systems. Master keyed locks provide universal on-site IT control over devices, while users have individual keys for greater flexibility. Government, legal and financial industries benefit from having policies where security regulations must be followed. A master key solution provides flexibility for IT managers to open machines across departments and offices with one master key.
A supervisor/single keyed lock offers the strictest IT control for administrator-only access in environments where crucial infrastructure such as desktops, servers and network equipment must be locked down. In an education environment where equipment such as monitors, desktop computers and projectors stay put, a supervisor key provides high-level security without having to manage multiple keys. Many IT administrators work for multiple schools and could share a single master key across sites.
A like keyed lock allows for sharing control with each key opening each lock, ideal for specialized environments where employees can check out devices that are shared. For example, police officers may use the same key across a fleet of tech devices they will likely be checking out each day.
In many instances, an organization will need a mix of two, or even all three custom key solutions to achieve the model physical security system, to satisfy industry standard requirements. Knowing which physical solutions are available to meet these requirements is a valuable step towards implementing the right level of physical security for the greatest possible data protection.
To start, let Kensington, a worldwide leader of desktop computing and mobility solutions for IT, business, and office professionals and the Professionals’ Choice, work with you to understand your company’s individual and industry requirements, and provide insights as to all the different options available so that your organization can determine which solution is best suited to protect your valuable office assets.