Stolen Laptop Test
Sec-1’s innovative new Stolen Laptop Test provides an eye-opening insight into the damage the loss or theft of a laptop holding company data can do to a business. This will enable organisations to develop a “best practice” plan to minimise damage, should the worst happen.
Statistics show that over 72,000 laptop computers are stolen each year, and many more are lost or misplaced. As an ever-increasing number of company employees use laptops on a daily basis – both for business and personal transactions – the effect on a business of laptop loss and theft is potentially devastating.
Sec-1’s Stolen Laptop Test has been developed to provide clients with a comprehensive understanding of the potential effect on their organisation if a company laptop were lost or stolen. The test is recommended for any organisation whose employees use laptop computers.
The key benefits of the test to the customer are the insights it provides into the various ways in which their organisation could be compromised by a laptop theft. This can be divided into four main areas:
- Organisational Information – The test reveals the internal information about a company that may be stored on an employees laptop, for example, passwords, banking or financial information or confidential employee data, and how this data may be utilised by a theif.
- Customer Information – The Data Protection Act of 1998 states that third party data must be secured against unauthorised or unlawful processing. The test shows how the loss of confidential customer data such as account details, telephone numbers and email addresses can cause corporate embarrassment, loss of business and legal penalties.
- Personal Information – The test assesses the amount ofthe user’s personal information – for example bank information, Internet shopping accounts and credit card details – that could be accessed through the laptop by the theif. The loss of such confidential data can cause immediate distress to an employee – and a loss of productivity and time at work while the situation is resolved.
- Remote Access – The test also assesses the level of access to a company’s network, that can be gained from a stolen laptop. An intruder could potentially gain widespread access to a company’s central network through a stolen laptop, including accounts and financial data, confidential personel files and customer details, causing untold amounts of damage
Overview
Sec-1 recommend the test is performed on a laptop in the condition it would be in if it were stolen from a user. Ideally, this would be achieved by the user passing the laptop to the company’s IT department as if for general maintenance, the laptop then being delivered to the Sec-1 team.
The team will then perform a variety of tests to assess the level of access to confidentail data that can be gained from both the laptop itself and the remote office network. Checks performed include attempting to bypass the Windows login system, extracting cached credentials and using data recovery tools to extract deleted documents.
After the assessment has taken place, a comprehensive report is provided, giving full details of all data recovered from the laptop and any connections to internal and external networks that have been made. The report will also provide advice on how the data on the laptop and connections to the network could be better protected.
For guidence on this or any other aspect of network security contact Sec-1 on 0113 257 8955 or email info@sec-1.com
*Research by Compucover
File downloads
- Stolen Laptop Test (962 KB) [pdf]