Digest: November 2014 – Recovery of a Stolen Device

By IAITAM

It’s ITAM Awareness Month!
December, for the 5th year in a row, is dedicated to education – and it’s all free!  As we have done in the past, and supported by the vendor community, IAITAM will have up to 2 sponsors daily for each day of the first 3 weeks of December.  Sponsors will present recorded webinars and white paper downloads, along with giveaways that you can register for as an added end-of-year surprise!
Watch the IAITAM website for registrations – and remember, this program is to give back to the ITAM community, and all items are free of charge to register for during ITAM Awareness Month.  Don’t miss out on this week’s offerings:

December 1st
TAM-Inc IMUG Webinar: ITAM Practices – Invoice Verification. Invoice verification is foundational to ITAM, as a means to avoid unnecessary or incorrect payments and as a source of information…
OpenIT Webinar: Transforming Business thru Software Usage Optimization. Taking a phased approach to software asset management can save an organization millions of dollars without hindering the…

December 2nd
MobileReach Whitepaper: Best Practices in Mobilizing IT Asset Management. IT Asset Management has always been a discipline that…

December 3rd
BDNA Webinar: Data-Driven Enterprises Excel at IT Asset Management. You’ve got IT assets and you need to manage them. But IT Asset Management is more than managing assets…

December 4th
Miro Consulting Webinar: The Importance of Utilizing IBM Licensing Metric Tool (ILMT). What is IBM Licensing Metric Tool and why do I need it? This presentation discusses the free tool available from IBM…
Flexera Software Webinar: Managing and Optimizing VMware Licensing. VMware is the market leader in server virtualization technology—most large enterprises and many small to medium size businesses use this…

December 5th
Eracent Webinar: Software Baselining to Ensure Network Security. This webinar will detail the use of Software Baselining as an effective means of assuring the security of your…

2015 ACE

The 2014 Fall ACE was a huge success!  Thanks to all the IAITAM Members that contributed to the effort and showed their enthusiasm and support of the Fall ACE!  Again, as in the past two years’ events, we drew significant attendance from a local audience, which helps spread the news of the importance of the ITAM program to businesses that we have not been face-to-face with in the past.

Update:  The Spring 2015 ACE in San Diego is seeing a huge surge in speaker proposal submissions the past two weeks, so if you are interested in being considered for a speaking slot for the Spring event, please submit your proposal form before year’s end – and remember, if your proposal topic is chosen, you have a complimentary pass to the entire 3-day ACE!

For questions or additional information on this or any IAITAM ACE event, reach out to your IAITAM Member Service representative today at info@iaitam.org or call +1.330.628.3012.

Or, if you couldn’t attend this fall and are working on the 2015 budget, register now for the Spring 2015 ACE in San Diego, April 28-30, 2015!

Member IMUGs
The IAITAM ACE IMUG session will be held for all those in attendance in Sandusky at the Fall ACE and not broadcast live.  Look at what’s forthcoming in the Scoop.IT newsletters or the IAITAM mobile app.  Download today by searching IAITAM in the App Store or Google Play.

December IMUGs are postponed to January due to ITAM Awareness Month events.  The first quarter of 2015 though is shaping up nicely with the following sessions already scheduled.  We will have the entire first quarter filled before year’s end!

2015 January
13th – TBD
20th – Terry Divelbliss – Eracent – SW Baselining to Ensure Network Security
27th – Sherry Irwin – ITAM – It’s all about the Data, no Question!

2015 February
10th – Ask the Fellows
17th – TBD
24th – Dan Mattock – Securis

March
10th – Terry Divelbliss – Eracent – SW Baselining to Ensure Network Security

If you’d like to listen to past recordings, just visit the IAITAM website to hear previous months’ recordings at this webpage (you must first log in to the site with your Member ID): Strategic Information for IT Asset Managers

IAITAM Members can register for one or all and participate in none or all monthly.  For questions or to suggest a speaker or topic for the IMUGs, please email imug@iaitam.org.
IMUG Monthly Article:

Recovery of a Stolen Device
Data Recovery and Protection is Top Priority

With mobile technology integrated into our personal and professional daily lives, technology has made it easier and faster to access most information.  Devices have become more powerful, opening up usage to everything from content generation to video editing and professional photography.  With speed and ease of use as criteria, manufacturers have also made logins, passwords and other identity credentials as simple as possible.  Often, only a screen lock password or other generic protection separates us from instant access to all of the information.  Who remembers the last time that they had to use their Facebook password or type in the complicated password used to secure their email?  For most users, it is a “one and done” event, with our mobile devices remembering those passwords and rarely logging out.  We do need the passwords when we upgrade to a new device, but once logged in, we save the credentials to ensure fast access to the data as well as auto-population of new data from the associated application.  This usage highlights the dichotomy between rapid, free access and security.  Although ITAM focuses on the business aspects of mobile devices, let’s make it easy to empathize with the organization through a personal example.
I recently had my cellphone stolen and with it, the gateway into my entire life.  Facebook, several email accounts, banking information, calendar appointments, geolocation data (such as my home address when using the navigation application) and other information were now in the hands of an unknown entity.  My heart sank and the threat of identity theft felt very real.  Facebook could provide my name and birthdate.  Navigation apps could provide my home address and my banking app could provide an account number.  With a name, birthdate, address, and bank account number in the hands of someone devious, I could now be the proud owner of a condo off the Florida Keys and there would be little recourse.  I also wasn’t comforted knowing that the only thing standing between me and financial hell was a fingerprint scanner and a 4-digit code.
Consumer Reports says that I have lots of company.  According to their latest projections, 3.1 million smartphone thefts occurred during 2013.  To put that statistic into perspective, that means there are almost 8,500 smartphone thefts per day or 353 per hour or almost 6 per minute.  Of these smartphone thefts, 1.4 million, or 45%, were lost and never recovered.  I was determined to not be part of that statistic.
I immediately tried to find my phone.  I searched the area where it was taken, tried locating it through phone location apps and security apps as well as searching for it through that internal GPS system that would soon betray me with the location data it held inside.  All of these measures were of no use because the phone needs to be on and connected to the internet to work.  Unfortunately, I was dealing with a criminal smart enough to immediately shut the phone off.  That action does not require any passcode to perform and prevents all location, wiping and tracking capabilities.  Even if I had located the phone, what could I have done?  What if the thief was armed or ready to defend their new ill-gotten gains?  Those thoughts led me to call the police.
I contacted the local sheriff’s department and their response was almost instantaneous.  Within 5 minutes of placing the phone call, I was meeting with the sheriff to give a description of the events.  By filing a police report, I would be able to provide a substantiated claim on the device should it ever be recovered.  The sheriff was also able to take steps that I could not such as reviewing security tapes and speaking officially with security personnel.  I had an authority figure on my side which put my mind at ease a little.
After the police report was filed, I had a decision to make.  Should I disconnect service for the phone through my service provider, “brick” or wipe the phone clean through my phone’s manufacturer?  Or, should I wait to hear from the sheriff and hope it was recovered?  I was leaving the location the next morning so I decided to wait until morning to hear from the sheriff before I decided on a course of action.
The next morning came and the sheriff responded to the incident and informed me that they were unable to find and recover my phone.  At that moment, I knew that I probably would never see the device again so I decided to start the process of ensuring that the thief would never recover any data inside the phone.
I contacted my service provider and asked them to disable service to the device.  A short conversation with the customer service rep (CSR) was enlightening.  The service provider has little authority to do much in the case of a lost or stolen device.  The CSR told me that all that a service provider was allowed to do by law was disable the device from connecting to their cellular network.  The device could not be wiped from their end nor could the device be flagged if it came back online.
At this point, the thief had a device that only connected via Wi-Fi locations.  This would have been more comforting if free Wi-Fi wasn’t available everywhere from Starbucks and McDonalds to college campuses, libraries and the occasional unsecured neighborhood Wi-Fis.  I knew I would need to take this one step further.
I used my manufacturer’s programs to establish a series of protocols should the device be turned back on and connected to the internet.  First, I had to identify the cellphone through a series of serial numbers, IMEI/MEID identification numbers, my phone number and personal identification information.  This gave me a few options including:  attempting to locate the phone, displaying a message on the screen for the thief to see (to possibly offer a reward for its return) and wiping the data from the phone.   I decided to wipe the phone clean and call my insurance company to order a new phone.  This meant that even if the cellphone was found, there would be little I could do with it other than possibly sell it for parts.  This is the most complete and secure option but also the most damaging to me personally because the financial cost of replacing the phone is now unavoidable.
This was an exhausting situation, but some valuable lessons were learned that may help within the organization as well:

  1. Ensure all security features on your device are enabled:  There is little time between when you suspect a device has been stolen and when the device is likely gone forever.  All options for device recovery at your disposal are essential for success.
  2. Contact the police:  It is important to get the police involved early to help immediately and with any long-term issues.  If you find your phone, have the police recover the device for you.  If your identity is stolen and erroneous charges on your bank account or credit report are found, it is in your best interest to have a documented claim that explains how the charges could be fraudulent.  Taking this step reduces the risk of being liable.
  3. Understand your organization’s data protection policies:  In hindsight, wiping the phone data faster would have been my best course of action.  This will protect organizational data that may be on your device as well as protecting your personal data.
  4. The data is what’s important, not the hardware:  A phone is expensive and an attachment to the device is common.  Knowingly wiping the data on the phone early on in a potential theft situation is a difficult decision because of the financial repercussions.  But, trying to avoid paying for a replacement device is not worth the risk of a stolen identity.  If a police report has been filed, seriously consider wiping the data shortly thereafter.

With all of the emotions and concerns running through your head when a cellphone is stolen, it is easy to see why the organization’s procedures for corporate devices and/or data have to be clear and published frequently.  Whether corporate or personal, the data on the device is the most valuable thing that was stolen.  While recovery of the data might be ideal, it is a higher priority to ensure that the thief doesn’t get to use that data.

Reference
“Smart Phone Thefts Rose to 3.1 Million Last Year, Consumer Reports finds,” Donna Tapellini, Consumer Reports, May 28, 2014,
http://www.consumerreports.org/cro/news/2014/04/smart-phone-thefts-rose-to-3-1-million-last-year/index.htm

About IAITAM

The International Association of IT Asset Managers (IAITAM) is the largest organization providing education, certification and thought leadership to the management of IT as a business. IT Asset Management is the management of hardware, software, mobile and other technology to maximize the value to the organization.