Lost & Stolen Devices are a Serious Data Security Threat—Here’s Why

Since the pandemic, remote and hybrid work has become the norm. While mobile devices and remote workstations have empowered great flexibility, it has also led to an increase in data security problems due to lost, misplaced, or stolen devices. Find out how remote and hybrid setups are contributing to this problem and how to protect yourself and your organization.​

Since 2020, remote and hybrid workplaces have become almost as common as companies that require workers to be onsite. In fact, according to the US Census Bureau, the number of people working from home tripled between 2019 and 2021. While some companies have begun to require that employees return to the office, it looks like remote and hybrid work environments are here to stay. As of 2023, 12.7% of all full-time employees work from home and 28.2% work in a hybrid model. As a result, the widespread use of devices as a mobile workplace has become incredibly common, with 87% of companies relying on their employees using personal mobile devices to access company apps and 60% of today’s employees using such apps for work-related tasks. While the implementation of mobile devices can be a boon to productivity and flexibility in the workplace, it has also led to an increase in data security problems when said devices are lost, misplaced, or stolen. 

For example, one study found that 41% of all data breaches were the result of lost or stolen devices. In keeping with its trend as the worst-performing sector for almost every form of cyberattack, a whopping 68% of healthcare data breaches were caused by lost or stolen devices and only 23% of all healthcare breaches were not directly connected to the loss or theft of a device. On the whole in 2023, one poll discovered that 75% of respondents claimed to have experienced a “significant increase” in security incidents, with lost/stolen devices being one of the main causes (alongside stolen credentials, ransomware, and DDoS attacks). 

As the use of personal and professional devices as mobile workplaces has become commonplace, the issue of lost or stolen devices has become increasingly worrisome when it comes to data security for organizations of every sector and industry. But our security experts are here to help with ways to both understand the problem and methods for protecting yourself and your organization.

 

Why are Lost, Misplaced, or Stolen Devices such a Common Issue? 

As already discussed, the workforce became almost entirely remote during the COVID-19 pandemic era of 2020-2021. During that period, people stayed home during the lockdowns. Besides, when it came to work, there was nowhere to go even if one wanted to. Large events, symposiums, conferences, etc. were cancelled. Business travel went down to nearly zero. To put it simply, during the pandemic period when the nationwide work-from-home shift began, people stayed home with their devices. And it is hard to have your devices lost or stolen when you never leave the house. 

However, we now find ourselves in a post-pandemic world and the landscape of work has changed again. Business events and conferences are back to being held in person. Both personal and business travel have returned to normal levels. This means people are leaving home for various work-related activities… and they’re taking their devices with them. Unfortunately, this means that the likelihood of having these devices lost, misplaced, and/or stolen has spiked considerably. 

Believe it or not, loss of devices is more frequently due to them being misplaced or lost by the owner than from theft. In fact, misplaced items are the main reason for device loss and it happens in various locations. One study found that 40.36% of misplaced device events happened in private or personal locations, such as the user’s car or while attending a private event. The rest occurred on the street/in public places (15.36%), on public transport (11.6%), and even at the user’s office or workplace (14.91%). 

While device theft may be slightly less common, that’s not to say it doesn’t happen almost as frequently. The previously mentioned study found the most common place for device theft was in the home (34.2%), followed by theft at an office or workplace (15.3%), on the street (13.7%), and/or on public transport (11.1%).

 

How to Protect Your Organization from the Risks of Compromised Devices 

Device loss—whether misplaced or stolen—is not a matter of “if” but “when” for organizations. It will happen eventually (though hopefully not too often), especially for businesses with geographically distributed, hybrid, or remote workforces. Luckily, there are a number of things that can be done to protect your data from the repercussions of a loss: 

  • Always use a strong password or passcode to restrict access to your device. 
  • Enable biometric authentication such as Face ID or Touch ID anytime your device supports it. 
  • Turn on “Find My” or similar device tracking features that let you locate, lock, or erase your device remotely if it is lost or stolen. 
  • Regularly backup your data to a secure cloud service or an external drive. 
  • Encrypt the data on your device (and on your backups). 
  • Install anti-theft and antivirus software on your device (and make sure you download updates regularly or enable automatic updates) 
  • Avoid connecting work devices to public or unsecured Wi-Fi networks and always use a VPN when browsing online. 
  • Enable Stolen Device Protection on your iPhone if you have iOS 17.3 or later (this feature requires biometric authentication and time delays for certain actions when your device is away from familiar locations). 


Device management can be a burden on any organization, but it simply must be done. When your organization’s devices are lost or stolen, you need to be able to either locate and recover them or delete the data they have stored. Doing this in-house can be costly and frustrating. This is why UDT offers
Lifecycle Management support and Cybersecurity Services that can take this problem off your plate.  

Contact our team today to discover how UDT can help you manage your devices, optimize your technology investment, and improve data security with our portfolio of customizable solutions.  

Take The Quiz—What’s Your Security Risk Level?

New to cybersecurity or trying to improve your security posture? Take our brief quiz to understand how your organization might score when it comes to risk—and what to do about it. 

Accomplish More With UDT

Get your custom solution in cybersecurity, lifecycle management, digital transformation and managed IT services. Connect with our team today.

More to explore

Crafting a Futureproof 1:1 Device Strategy for School Districts

In the evolving landscape of Education Technology, crafting a futureproof 1:1 device strategy is crucial. This strategy should link every student, teacher, and administrator experience with specific device specifications. The integration of educational apps into the curriculum can significantly enhance the learning environment. These apps, tailored to the needs of students, can provide interactive content, fostering a dynamic learning experience.

Optimizing Your K12 Tech Investments: Funding 1:1 Device Programs

This blog will guide school districts grappling with the financial and resource demands of implementing a successful 1:1 device program amid ongoing challenges of budget constraints and competing priorities. Our guided workbook, created in partnership with Intel, provides further support with personalized roadmap on “Pathways to Innovation: Building a Sustainable Digital Learning Environment”.​

K12 Cybersecurity: How to Secure 1:1 Devices in Your School District

This blog post delves into the importance of security, cybersecurity, and data privacy in school districts implementing 1:1 device initiatives. It offers basic steps for evaluating, planning, and executing a security strategy. Our guided workbook, created in partnership with Intel, provides a personalized roadmap on “Pathways to Innovation: Building a Sustainable Digital Learning Environment”.

Lost & Stolen Devices are a Serious Data Security Threat—Here’s Why

Since the pandemic, remote and hybrid work has become the norm. While mobile devices and remote workstations have empowered great flexibility, it has also led to an increase in data security problems due to lost, misplaced, or stolen devices. Find out how remote and hybrid setups are contributing to this problem and how to protect yourself and your organization.​

Ransomware Gangs Adding Pressure with ‘Swatting’ Attacks—Here’s What You Need to Know

Ransomware gangs are implementing new extortion tactics to encourage victims to pay up. Swatting is becoming an increasingly popular tactic. It involves calling law enforcement to falsely report a serious, in-progress crime triggering an extreme response such as an armed raid from the SWAT team. Explore how cybercriminals are using this tactic and what you can do to prevent it from happening to you.​

Smishing Attacks are on the Rise—Here’s How To Keep Your Data Safe

Smishing attacks are on the rise, posing a significant threat to data security. Originating from a blend of SMS and Phishing, these attacks have seen a drastic increase since 2020. The widespread use of smishing attacks has persisted, with a lack of awareness being a major issue. Many view these as simple spam messages, unaware of the danger they pose. This blog aims to raise awareness about smishing and provide actionable insights to protect yourself and your organization.

Experiencing a security breach?

Get immediate assistance from our security operations center! Take the following recommended actions NOW while we get on the case:

RECOMMENDED IMMEDIATE NEXT ACTIONS

  1. Determine which systems were impacted and immediately isolate them. Take the network offline at the switch level or physically unplug the systems from the wired or wireless network.
  2. Immediately take backups offline to preserve them. Scan backups with anti-virus and malware tools to ensure they’re not infected
  3. Initiate an immediate password reset on affected user accounts with new passwords that are no less than 14 characters in length. Do this for Senior Management accounts as well.

Just one more step

Please fill out the following form,