5 things you should do before your device gets stolen
The inspiration for this article comes from my colleague who just had her MacBook stolen (Cloudsister #1 see above). Someone broke into her apartment where she stayed for a business trip. Of course she was quite obsessed by the fact that her not too cheap MacBook was gone — a so-called “Hardware pain”. But at the same time she was super happy that we run everything at Blackboat 100% cloud based for all employees. There was nothing on the device that was lost.
As soon as she bought a new one she was able to access her entire set of data including personal pictures, music and work data within 3:37 minutes. This loss of data is usually the bigger pain for personal stuff and even more for business stuff since you would also have to deal with compliance issues. But not if you can revoke access with just one click.
So that’s why I thought it’s worth to share the basic guidelines we use to protect data in case a device gets stolen. You can use these guidelines to protect your personal data or even hand it to your admin at your company and see if your corporate data is secure from loss.
It’s simple but if you follow all of these points you will limit a lost device to a hardware-pain:
Here is the checklist with our top 5:
- Cloud Storage. Not Device Storage.
- Additional Backup of the Cloud
- Cloud Protection
- Set immediate Logout after inactivity
- List the serial numbers of all your devices and your active online accounts
If you’d like to understand each point in detail, please read on:
1) Cloud Storage. Not Device Storage.
I know it does not feel natural to many people yet. But the cloud will be the standard. I always choose large cloud providers over own servers. Even former corporate Hacker Sven Weizenegger agreed on this one in an interview I did last week with him.
This way you rely on their global infrastructure to backup and secure data instead of your individual devices. If you limit the amount of data that you must have on your device to as little as possible you will only feel the “hardware pain” and not the pain of having lost all your data. I personally learned my lesson when my laptop was stolen and I lost about 30k+ photos from the last couple of years because I did not save them in the cloud (back than it was hard to accomplish, it was 2004 still the middle ages of cloud) , e.g. via Google Photos is a great service but also via Dropbox.
Even music: services like Spotify or Soundcloud make it completely negligible to download music titled and store them on the device. And services like Google Drive, One Drive, Evernote (runs on Google Cloud anyways) make it easy to have all relevant documents for work in the cloud so it can be accessed as soon as you enter your account. I grew my last company from 5 to 150 people entirely on cloud documents.
Note: If it is still necessary to save your data on your device, you need to encrypt your hard drive
If there is data that you absolutely need to have stored on your device, you can protect your data from abuse by encrypting your hard drive. You can either use Apple’s FileVault, if your device is an Apple product or a Bitlocker solution or McAfee Live Safe if your device is running on Windows 7, 8 or Enterprise (see also alternatives).
2) Additional Backup of the Cloud
To prevent you from accidentally deleting data or if you don’t want to rely on one token provider or their backup you can have a backup of the cloud as well. Services like Datto Backupify or Crashplan. In this way your user data is stored in addition in a third-party online storage system. In case of loss within the cloud service all backed up user data can be restored.
3) Cloud Protection
Simple. If you use the same password everywhere and have no 2 factor authentication you don’t need to freak out that even your mom can log into your account. Use good (password checker) and different passwords and wherever possible the 2FA.
With all the accounts that require password access it is difficult to remember all of them. The worst idea is to pick the same or similar password for all of your accounts as your account can be easily hacked. Filling them into a document or note saved on your device means that they are lost as soon as your device is stolen. If you only save this doc on a cloud service you will still be able to access them and nobody can steal them from your device. The best alternative is to switch to password managers such as 1Password (which also offers a inbuilt password generator engine btw. to help you create a strong password). 1Password allows you to store all your passwords online that can be accessed via one universal password (this one needs to be absolutely secure).
4) Set immediate Logout after inactivity
An easy next step to protect data loss when your device is stolen is to simply go to your settings and make sure that whenever you switch on the device or the system has switched to screensaver you need to enter a password (after 5 minutes or even less). In addition, you should install an auto logout setting which automatically logs you out on all online accounts where you are still logged in so nobody can access these. If you’re using Chrome, just install the Auto Logout in the Chrome Web Store.
When you are a Mac/ Safari you can (1) change the setting under the Apple menu (System Preferences → Security & Privacy → General). Then (2) click the “Locker” sign to unlock it and enter an administrator name and password. Further on (3) click advanced and select the option “Log out after… minutes of inactivity.”(4) Set the timing for the automatic logout.
5) List the serial numbers of all your devices and your active online accounts
Last, but not least, create a list of of the serial numbers of your devices. Only if you can report the device with its unique serial number to the police you have a chance to see your device again. If you have an overview of all your active online accounts it is also much easier to promptly react and deactivate all of them.
I hope this will ease the pain when you ever have your device stolen.
Thank you for reading and find out more in my new video (posted below):