Intel vPro Expert Center Blog

2 Posts authored by: PGWard

A few months ago Intel conducted a very casual survey asking what people do when presented with certain security scenarios regarding lost laptops and “phishing.” Phishing is the fraudulent electronic communication process of attempting to acquire personal information such as bank and credit card numbers, usernames and passwords, along with other details that can be used in identity theft and more.  The most common form of phishing is through email or Web sites that look exactly like legitimate messages from your bank or creditors that are attempting to gather private information.

 

Questions asked in the survey were:

1.   Have you ever knowingly clicked on a phishing attempt? If you answered yes to the above question on the phishing attempt, why?

2.   What kind of activities do you do on your business computer today that you didn’t do three years ago?

3.   If your laptop gets stolen, how do you try to recover it?

4.   If you lost your laptop, what data are you most worried about falling into the wrong hands?

 

We received just over 30 responses (which by no means is statistically valid), but it did provide a glimpse into people’s computer conduct.  Here’s what we got for the responses – some more surprising than others.

 

Have you ever knowingly clicked on a phishing attempt? A quarter of the respondents had knowingly clicked on a phishing attempt.  Reasons ranged from “the devil made me do it” to “heard about them on the news and was curious what one looked like. “  One even said they wanted to “’troubleshoot it.’”  Essentially, people were curious and wanted to know what a phishing attempt was.  For all of those that have yet to click on a phishing attempt, Intel very strongly recommends not to click on one!

 

What kind of activities do you do on your business computer today that you didn’t do three years ago?  There were 24 responses to this question, and the majority of respondents pointed to social media (Twitter, Facebook, LinkedIn), which illustrates the growing importance of using caution when clicking on links from unknown sources.  The second most popular response was video-based activity - like videoconferencing or creating and editing videos, as more and more employees use graphics in their day-to-day work.

 

If your laptop gets stolen, how do you try to recover it?  Thirty-eight percent of respondents said they would call the venue to see if they had found it; while 31 percent  said they would call their IT to see if the laptop had a tracking device. Twenty-one percent of respondents said they would call the police, while another 10 percent said they would check online forums to see if someone was selling it. One of the respondents commented that they didn’t have a clue on what to do if they lost their laptop.  This is just one example of why it’s important to educate employees about best security practices and the appropriate steps employees should take when losing a laptop.

 

If you lost your laptop, what data are you most worried about falling into the wrong hands? Of the respondents, 63 percent said confidential data, followed by 16.7 percent said passwords, followed by 13.3 percent said financial information, followed by 7 percent said contacts and address book. Most respondents were concerned that their passwords would be compromised, which would give access to other personal data.  Others feared loss of information about future products for work contained on their laptops.  It was positive to see that a number of respondents said they utilized some type of encryption for the laptop hard drive or an external hard drive.

PGWard

One Lost Laptop is All it Takes

Posted by PGWard Apr 20, 2011

A few weeks ago, an employee lost a company-issued laptop during regular business travel containing critical personal information of more than 13,000 people. Even though the laptop had standard password-protection in place, it was not encrypted, and the whereabouts of these 13,000 individuals’ Social Security numbers, addresses and birthdates are now unknown.

 

The loss of just one laptop could affect thousands of people and thousands of laptops like this one are lost by organizations annually. In December of 2010, Intel Corporation and the Ponemon Institute released “The Billion Dollar Lost Laptop Study,” which surveyed 329 organizations in the U.S. about laptop loss. The report found that over the course of a year participants had lost more than 86,000 laptops, valuing the total cost at $2.1 billion.

 

Intel commissioned the study to aid in improving its security technologies, but also to help advance industry-wide efforts among others with a stake in the problem. The corporation continues to advance industry-wide efforts in the U.S. and abroad, and today Intel and the Ponemon Institute released the findings of a similar study conducted on 275 European organizations. Results of the study show that participating organizations lost over 72,000 laptops during a 12-month period, for a staggering total economic impact of €1.29 billion, or $1.79 billion.

 

Combining the value of laptop loss between the participating organizations in the U.S. and those of the United Kingdom, Germany, France, Netherlands, Belgium, Italy, Sweden and Spain, yields $3.9 billion in damages from almost 160,000 lost laptops. Costs come not only from the replacing these laptops, but also from lost intellectual property, lost productivity or legal, consulting and regulatory expenses among others.

 

What’s interesting is that the two studies have very similar findings.  Both found that the most common environment for laptop loss was off-site (working from a home office, hotel room or conference), while laptop theft tended to occur in-transit (in an airport or cab or train).  Like the U.S., the education and research, and health and pharmaceutical industries in Europe experienced the highest rate of laptop loss.  This is most likely due to the fact that both industries have similar characteristics like high mobility.  Both also determined that companies with 5,000 – 25,000 employees experienced the highest rate of laptop loss.  Even the chance of a lost laptop in its useful life stood between seven to eight percent for both studies.

 

Particularly discouraging is that both studies reported that roughly 30 percent of the lost laptops contained confidential data that was not encrypted.  For the European study, that is 22,856 laptops.  Any one of those laptops could have contained your personal information.

 

In both the U.S. and abroad, the amount of laptops lost signals a need for action. As companies transition their employees from desktop to laptops, management needs to take a more proactive role in assuring that appropriate safeguards are in place to protect sensitive data contained on the computer. In fact, the cost of a data breach represents 80 percent of the $49,246 total cost of a single lost laptop, compared to the two percent of the total cost necessary for replacing the computer, according to the Ponemon Institute. They also found that encryption on average can reduce the cost of a lost laptop by nearly half.

 

In addition to encryption, anti-theft and other data protection solutions, management can also implement training and awareness programs for all employees who have laptops.  Policies should be set in place that require employee to report a lost or stolen laptop. Finally, employees can keep a careful watch over their laptops, especially while in-transit. For more tips on how you can keep your laptop safe, check out these tips from Intel’s security expert.

Filter Blog

By author:
By date:
By tag: