Everybody knows that laptop computers, tablets and smartphones get stolen, and everybody reading this probably owns at least one of these digital devices, so should you be concerned about yours being pinched, pilfered, peculated, purloined, or in other words, stolen? Based on the survey that ESET recently conducted in conjunction with Harris, I would say the answer is "Yes!" And this is particularly true if you find it worrying that 1 in 10 device-owning adults reported experiencing at least one device theft (based on a poll of over 1,700 people aged 18 or older who owned a smartphone and/or laptop and/or tablet).
I was surprised that the incidence of theft was so high and I don't like the odds of 1 in 10, particularly when I think about how much confidential personal--and sensitive company--data there are on the various mobile computing devices that I use. But where are these device thefts occuring?
According to the experiences of our survey respondents, the single most likely crime scene for the theft of laptops, smartphones, or tablets, is? The car, cited by 21%. Following closely is your home, cited by 18%.
Also dodgy are airports, trains, buses, and other public transportation (11.5%). Dining out can be equally dangerous for digital devices. Somewhat surprisingly, at just 7%, the office is less of a hot bed of portable computer crime than you might expect.
Not surprising, to me at least, is the fact that many people who use digital devices are worried about them getting lost or stolen, yet the numbers vary according to how many devices you own. In our survey, almost half of those who owned all three (a smartphone and tablet and laptop) said they were worried (48%). Among those who said they owned one or two of these three devices the level of concern was 34%. We also saw variations in level of concern according to region, age, and gender. For example, fears of device theft were lowest in the Midwest, lower among women than men, and higher among people 18-34 than those who are over 34.
Adding to the fear factor is the survey finding that more than 1 in 100 people had experienced multiple device thefts, with just under one percent reporting three or more devices stolen. Note that we are talking stolen, not simply lost or misplaced. If you want a handy "gone missing" metric, consider the 48% of respondents to an Information Week survey last year that said "Yes" when asked "has any mobile device containing enterprise data come up missing" in the past 12 months?
Losing a digital device is usually a huge pain for the device owner, but the numbers we see in our survey raise information security concerns that go beyond the owner of the device to impact people and organizations whose data may be compromised by the theft. A stolen device not only harbors data but also contains, in most cases, credentials with which to access other systems, which crooks may then seek to abuse. Think of your email accounts, social media accounts, bank and shopping accounts. But it goes even further than that.
If you recall the survey we did last year, in which we asked people about their use of personal devices for employer business, you know that this phenomemon--often referred to as Bring Your Own Device or BYOD--is very common, encompassing more than 80% of employed adults. So, losing a digital device is quite likely to affect a person's employer.
To understand how theft of devices, both personal and company-owned, affects just one sector of the economy, consider that 94% of healthcare organizations surveyed in the recent Ponemon Institute study (Third Annual Benchmark Study on Patient Privacy & Data Security), suffered at least one data breach during the past two years, and 45 percent experienced more than five data breaches each during this same period. A pretty attrocious track record if you ask me, so how the heck do these breaches occur? The primary cause of the security breaches in this study was a lost or stolen computing device (46%),
Clearly, malicious software and scam artists are not the only threats to our digital privacy and security. Physical security is also a serious problem of which we all need to be mindful. We will be writing more about this issue in 2013, but in the meantime, give some thought to the protection of your digital devices sooner rather than later. (If you have had a laptop, smartphone, or tablet stolen, and would like to share your experience, please feel free to reply with a comment below).
Note: Survey conducted online within the United States between January 2-4, 2013 among 2,126 adults (aged 18 and over) by Harris Interactive on behalf of ESET via its Quick Query omnibus product. Figures for age, sex, race/ethnicity, education, region and household income were weighted where necessary to bring them into line with their actual proportions in the population.
