How to Delete Data from a Stolen Laptop
With laptop thefts on the rise, businesses need to know how to keep their data safe and secure. Data breaches are a reality these days, and businesses of all sizes stand to suffer in equal measure.
There is nothing much that you can do if one of your employees loses his or her laptop. Apart from cautioning them to be more careful in the future, you also need to do something that ensures your company’s information does not fall into the wrong hands. It is vital to know how to delete data from a stolen laptop if you want to keep your company information safe.
How secure is your company laptop?
If you are in business, then using laptops and other mobile devices is inevitable. Also, with the bring-your-own-device (BYOD) trend increasing by the day among companies, laptop and other mobile device security should be of paramount importance to businesses of all sizes.
Companies have to share information with their partners, suppliers, and customers, both within and outside of their offices. It is, therefore, important that businesses understand the importance of document management so that they can keep their proprietary content safe and secure from prying eyes.
Another measure that you should be using is encrypted security solutions. Encryption is one of the best ways that can ensure the security of your laptop. If your laptop uses data encryption, there are chances that your data will remain safe even if it is stolen. Also, laptop encryption tools these days are mature and readily available.
One of the most important aspects in data protection is to provide adequate training to employees on how to safely use their mobiles and laptops. Our blog post – “What You Need to Know Before Your Company Adopts BYOD” – covers the main security issues that should be addressed in establishing company policy regarding the business use of employees’ own devices.
If the worst occurs, and an employee’s laptop is stolen, performing a remote wipe before the thief can access data can help prevent a security breach.
What is a remote wipe?
Essentially, a remote wipe is a software solution or system capability to remotely delete and wipe out data on a system or device. Features like remote wipe are part of comprehensive data security management systems, which solve data breach problems that can occur due to not following BYOD policies or other security gaps in distributed company computing networks.
Data wipe is the method whereby stored data on a device gets deleted and destroyed using mobile access in the framework of mobile device management. But to protect your laptop and other mobile devices, you need to ensure that you set up remote wipe before the device is stolen so as to protect your personal and company information. Once a device is lost, it is not possible to wipe devices or deploy endpoint management easily.
Personal information data deletion is triggered once a remote erase command is executed from a remote system endpoint. The remote delete command can erase all the data on a device, or it can specifically target company-specific data.
Data and device wipe are useful techniques because when unauthorized access occurs in a device or system, it allows device administrators to initiate a factory reset easily and restores factory settings remotely.
When it comes to remote wiping, you have the option to either lock the device or erase the data. When dealing with lost devices, many businesses prefer to remote lock the device where the screen gets locked, preventing access to the device. Here the information remains on the device, but access to unauthorized users is denied. The other option is to remote wipe the stolen device. Between the two, it is always more prudent to remote wipe a stolen device rather than just locking it down.
If your laptop is stolen, you can use ‘Retire’ or ‘Wipe’ action to delete your company data and send the device back to factory reset mode. Microsoft provides a complete set of instructions on performing these actions – and others.
When you send a Wipe command, it restores a device to its factory settings. You have the option to keep the user data on the device if you select the Retain enrollment state and user account checkbox. If this checkbox is not selected, the Wipe command can erase all the apps and data on the device.
But you need to remember the Retain enrollment state, and user account option is not available on all the Windows laptops. It is available for Windows 10 version 1709 or later. When the device connects to Intune after the Wipe command, MDM policies will be reapplied. The Wipe feature can only function if the device is on and connected.
When you give a Retire command, it removes managed app data (where applicable), settings, and email profiles which were assigned by using Intune. The device gets removed from the Intune management, and this happens when the device next time checks in and receives the remote Retire command. A Retire command does not remove the personal data of the user. The Retire feature can only function if the device is on and connected.
Three facts you need to know about a remote wipe
You need power and a network connection to remote wipe – As Wipe is a command that is given to a device, the device needs to be turned on and connected to a network so that it can receive the command. You need to know that if the device is switched off, you cannot remote wipe the device.
Remote wipe has many options – There are many options available for a remote wipe. You can remote wipe the device and send it back to the factory reset mode. Also, there is an enterprise wipe option where only the company data and application get deleted from the device, and personal data is not touched. Another option is KeepAlive, where complete device reset happens automatically if the device goes missing for too long.
It is not possible for you to opt-out of it – If your laptop or mobile device is company-owned, or even in case of BYOD, your company will have some level of erasure capability to wipe your device.
Fortunately, overcoming the challenges of BYOD does not need to overwhelm your organization. DocuServe has the industry experience and solutions to protect company data in the BYOD work environment, keeping employees productive without risking data loss. Our eServe encryption solution provides content security in the cloud, mobile access, security at rest and in motion, encrypted data security, remote wipe and much more.
Contact us to learn how DocuServe can be the ideal solution for your company’s move to the brave new BYOD world.