A misplaced laptop is no surprise to IT – many a laptop has been left in a public place or lost in plain sight on shelves or in drawers. And unfortunately, employees moving into a new job with a different company have been known to take their laptop with them. On average, 10 percent of IT hardware assets are in a state of purgatory, leaving no trace but a record in the books.
But is this a cause for panic? What’s the true cost of a few missing laptops to a business, especially one with increasing revenue and growing profit?
The real – and hidden – cost of lost laptops
Fact: Laptops are relatively cheap. Another reality: The content on those laptops is an organization’s lifeblood. If an employee loses a laptop, organizations can be faced with the loss of financial documents and information, HR records, regulatory filings, and valuable intellectual property. In addition, lost content could put an organization at risk of falling out of compliance with HIPAA or the SEC.
Not to mention the software licenses likely tied to those laptops – an organization missing a dozen laptops is paying for software licenses it’s not using. These ghost assets can cause organizations to overspend on software instead of shifting and repurposing existing licenses that are already paid for.
Back to the cost of the physical laptop for a second. Though laptops are less expensive than other IT necessities, remember that they do have value. And if an organization is missing 10 percent of its laptops, the total value of those missing assets is significant. It’s no shock that IT professionals consider IT asset management a top priority this year and beyond.
A lost or misplaced laptop is inevitable, but there are steps all organizations can take to limit the potential damage of these missing assets.
Step one: Follow the breadcrumbs
Before you send out the IT asset management rescue party, start small and simple: Generally speaking, searching CMDB and ITSM systems for configuration management records, service tickets, or other records should be the first trail IT follows. Reviewing Active Directory to determine what devices need access to the Windows network is another early step organizations should embark upon.
Next, organizations should conduct a hardware asset audit to determine how many laptops cannot be accounted for. Additional software, financial, and value-based audits will actually help track down some laptops – auditors need to know what hardware is out there, after all – so preparing for one of these audits will help organizations identify any missing devices.
Contracts and records are also helpful; by tracking down purchase orders (both internally and ones housed by vendors), maintenance contracts, or shipping manifestos, organizations can determine what devices need to be accounted for.
A third-party asset management expert can also assist organizations in reviewing purchasing orders and management records to get an accurate count of all laptops. Ideally, only about 3 percent of assets or less should be written off as lost.
Once an organization has tracked its assets, the asset management expert can help it re-deploy “found” assets if they’re still an approved hardware model. Lastly, it can create a security clearance plan that satisfies all departments, from the CEO to IT, to protect the organization’s intellectual property should devices go missing in the future.
Step two: Balance security and productivity
Most organizations already have safeguards in place to protect important data — threat-detection software, password checks, and URL and cookie-scrubbers, for example. But these security protocols raise red flags for employees concerned these restrictions will diminish their productivity.
Organizations must strike a balance between security, productivity, and access, and one way to accomplish this is by developing a security hierarchy. Akin to levels of government security clearance, this hierarchy ensures that workers remain productive while reducing the risk of losing important data and content.
Employees and C-suite executives that work with sensitive data should be grouped in the highest level of security clearance — organizations must know where those laptops or devices are 100 percent of the time. Access to company data may be restricted in these cases, and employees may only access critical content if their laptop is directly connected to the company’s network, not through a VPN. Employees working on less critical information will have easier access, but will be locked out of the walled garden where critical content and data lives.
Maintaining peace of mind
A missing laptop shouldn’t make IT directors toss and turn. By tracking purchase orders and conducting audits, IT can learn how many laptops an organization is missing and even recover some of them.
Laptops are certainly replaceable, but the content accessed through them is not. To protect this valuable data and content, organizations should develop security clearances and protocols that prevent data loss if a laptop does get misplaced. An organization is bound to lose a laptop or two, but with the proper security measures and the backing of a third-party asset management company, it can contain its critical IP, financial information, and other important content.
Contact your SHI account executive to learn more about SHI’s IT asset management team.