The bad news:
Laptop and smartphone theft pose a serious risk to your business. If your organization adopts a BYOD policy, these mobile devices may contain not just videos, contacts, and apps but proprietary company data, too.
According to a report by Kensington, 23% of IT theft happens in the office, while 15% of cases occur in airports. Even worse, a device’s price tag may not exceed $1000, but the average value of a lost business machine tallies to $49,246!
Between data breach, intellectual property losses, lost productivity, and legal costs, IT theft is a serious money sucker. And for the customers that trusted their data to you? Displeased is a gross understatement.
The good news, however:
Massive damages are preventable.
You can lose a company-issued laptop or smartphone and still keep the contents secure from prying eyes, thanks to encryption.
Encryption is the process of turning plain text information to ciphertext, making it unreadable to unauthorized users.
Without encryption, a thief can extract sensitive data from a machine using a USB thumb drive and a separate computer, even without the user’s log-in credentials. But if a machine is encrypted, unauthorized users can only see a nonsensical mishmash of letters, numbers, and special characters.
You still have to spend money to replace the lost device. But for businesses that collect personally identifiable information, it’s a drop in the bucket compared to the financial, legal, and reputation damage that follows data theft.
Many forms of computer encryption exist, but full-disk encryption is the most reliable of the bunch. With full-disk encryption, a user must type in a passcode or provide a key (via a USB device) when powering up the machine to unlock the files.
Sounds complicated? Don’t worry! Even a 12-year old can encrypt their device, and the mini-guides below will walk you through the steps.
Most of today’s operating systems have strong built-in encryption software. You only need to activate it.
If you’re using Windows 7, 8, or 10 for your business machines, Microsoft’s BitLocker makes full-disk encryption a breeze. To start, fire up Windows Explorer or File Explorer, right-click the drive you wish to encrypt, and select Turn On Bitlocker from the menu.
After enabling Bitlocker, be sure to save (or better yet, memorize) the encryption key. Without it, accessing your disk’s data is impossible.
Apple users, on the other hand, can turn to the FileVault. Start by navigating to the System Preferences, and click on Security & Privacy. Go to the FileVault tab, click the lock button, and enter an administrator name and password.
Portable disks are a double-edged sword: easy to take anywhere, yet just as easy to steal! For encrypting external and USB thumb drives, use BitLocker To Go, a version built for removable media.
Plug in the external drive you want to encrypt and navigate to the BitLocker menu via the Control Panel. You will find the Bitlocker To Go section at the bottom of the menu. From here, just click Turn On BitLocker next to the removable drive and that’s it!
The latest Android smartphones have encryption turned on by default. If you have an older phone, however, you need to keep a few important things in mind before proceeding.
First, encryption can take an hour or more. Second, your smartphone’s battery should at least be 80% charged, and you need to keep the phone plugged in throughout the entire process.
With the must-knows out of the way, here’s how to encrypt your Android smartphone:
Go into the Settings menu and tap Security. Next, tap the Encrypt Phone option. The following screen will warn you about the operation - that it’s irreversible and interrupting the process can lead to data loss. If you’re ready to go ahead, just tap Encrypt Phone at the bottom of the screen.
For iPhones, the process is way easier and can be completed in a minute or two.
First, go to the Settings menu of your iPhone, then to the Touch ID & Passcode section. Select Turn Passcode On and enter a numeric or alphanumeric password. Once the password or code is set, the bottom of your settings menu should read “Data protection is enabled.”
Encrypting your outgoing and incoming Internet traffic makes a lot of sense. For employees and business folks on the go, logging into public and unsecured Wifi networks to access company information can’t be helped.
Doing so puts you in a vulnerable position. One where hackers and eavesdroppers can pull off Wifi spoofing and Honeypot attacks, putting your business at risk.
Fortunately, a virtual private network (VPN) can encrypt and render whatever data the baddies intercept useless.
A VPN uses dedicated connections and encryption protocols to create a secure tunnel where users can access a private network while using public networks. While a firewall protects data at rest on your laptop, a VPN protects your data while it’s in transit.
Building a business VPN is the go-to solution for many big corporations. But if you’re running a small business with a tight budget, turning to a subscription-based VPN service may be the next best thing.
NordVPN, for example, adopts a strict “no logs” policy, has servers across 49 countries, offers double encryption, and a “kill switch” to protect sensitive data. Their yearly plan costs $69 or $5.75 per month.
Another provider to look into is PureVPN. Based in Hong Kong, the service allows clients to hook up to over 500 servers across 141 countries while keeping connections secure with a 256-bit grade encryption.
Laptops and smartphones can do wonders for workplace productivity, collaboration, and overall efficiency. But these portable business machines can leak out valuable information, too, if you’re not careful. Follow the encryption steps we just discussed, and keep malicious hands and eyes away from your data. Your sanity - and your customers - will thank you for it.Back to Small Business blogs