Sign in with
Sign up | Sign in

Business Laptops Cost $50,000 to Replace

By - Source: Tom's Hardware US | B 13 comments

Software is the most costly part of lost or stolen laptops

We’ve heard many times over stories of stolen laptops. Perhaps we’ve even been victims of a stolen laptop, and those of us who have, know that we lose more than just the cost of the hardware.

According to a study conducted by the Ponemon Institute, notebooks lost or stolen in airports, taxis and hotels around the world cost corporate owners an average of $49,246. Clearly the cost of the hardware is just a small fraction of the value, with the most of the losses coming from data stored on the hard drive.

Intel commissioned the study to “better understand the problems and solutions associated with lost notebooks,” or perhaps to better market its own anti-theft technologies, such as Centrino 2 with vPro.

The sooner a company discovers that one of its notebooks has gone missing, the lower the costs associated with the loss. According to the study, the average cost of a notebook discovered missing the same day lost is $8,950. After more than a week, the cost can jump to $115,849.

While snatching the laptop of a company’s top leader may seem to be the holy grail of corporate espionage, the study found that the CEO’s computer isn’t the one that’s most costly. The study estimates a senior executive's notebook value at $28,449, while a director or manager's notebook is worth $60,781 and $61,040, respectively.

Through analysis of 138 instances of lost and stolen notebooks, the study came to its figures after taking into account costs associated with replacement, detection, forensics, data breach, lost intellectual property, lost productivity, and legal, consulting and regulatory expenses. Data breach alone represents 80 percent of the cost.

Not surprisingly, encrypted laptops mitigate the loss of a corporate laptop by a significant sum. The study found that a lost encrypted hard drive is valued at $37,443, compared with $56,165 for a non-encrypted version.

Display 13 Comments.
This thread is closed for comments
  • 7 Hide
    hellwig , April 24, 2009 4:33 PM
    Encrypt your laptops, restrict who gets to take thier laptops where, and for chrissake, make people store files on your network shares.

    First off, as American's we need to be less inclined to take our work with us out of the office. Less people taking laptops home means less chances of them getting lost or stolen.

    Second, if we must take our laptops with us (off site business meetings or other work related travel), encrypt all your data, and only take what you'll need. I can't believe how many unencrypted government laptops with sensitive information get lost every year. Why does some census worker need 1 million SSNs on their laptop?

    Finally, regardless of whether you use a laptop or desktop, always store you data on the network drives (assuming your company has them, and they should). There's no reason to lose a weeks worth of work when your harddrive dies because you don't like spending a few minutes before you leave work each day copying (or moving) your data to a network share. Network shares should be backed up and redundant, your Dell desktop certainly isn't.
  • 3 Hide
    Marcus Yam , April 24, 2009 4:45 PM
    Those are all sensible solutions and would cut down on loss of corporate data. Of course, a lot of that depends on actual user action and involvement -- and users can rarely be counted on to maintain the system that you described.
  • 4 Hide
    lordfisch , April 24, 2009 4:53 PM
    There's a Pokemon Institute?!

    Oh.. OHhhhhhh.. "Ponemon"...
  • 2 Hide
    antilycus , April 24, 2009 5:39 PM
    The problem is, and always will be, Management. Those who are NOT I.T. savy. They want it now and don't care about the security on the backend. And of course, NOBODY is held accountable in America which means there is no reason to come close to enforcing the rules, because HR wont do squat about it, if its a management/executive person.
  • -1 Hide
    belardo , April 24, 2009 6:34 PM
    Yep yep... I setup security up to want management is willing to deal with. They want it easy. They want to run Outlook (ugh), etc. After a while, you do your best and let them understand that there are pitfalls.

    By the way, WindowsXP encryption is almost useless. And of course business doesn't like vista for obvious reasons. Even Win7's recent security problem shows that almost any computer can be broken into.

    It's all a matter of how much time a person is willing to spend to get to that data. BTW: Perhaps the most secure and deadly protection would be a self-destructing setup. If the pass-word is incorrect or its unable to "call home" so many times, it starts erasing data as much as possible (like during the log-in screen)... do a level1 to get it done quickly to make things difficult, then level 3 or 7.
  • -1 Hide
    millerm84 , April 24, 2009 6:55 PM
    Given physical access or even internet access no system is secure. Every IT manager should have that printed with 100+ point font banner in every executives' office. With that said and known all business infrastructure should be developed with only security in mind. Other wise they may as well post their information on the web and be done with it. Ease of use is only beneficial to hackers any manager or executive that has trouble with that should be confined to a type writer. Seriously....a type writer.
  • 0 Hide
    Anonymous , April 24, 2009 9:45 PM
    As IT staff we tend to see security as a single objective, and we need to remember that in business terms it's a trade off. What will the loss of data/time/hardware cost compared to the profit generated by an easy to use system.

    I'd also like to see where some of the numbers come from in this report. Most execs don't walk around with bank account information on their laptops, so I can only guess that this is 'lost work', and potential value of information.
  • 0 Hide
    kingssman , April 25, 2009 12:39 AM
    There's a Pokemon Institute?!

    Oh.. OHhhhhhh.. "Ponemon"...
    ----

    Gotta catch them all
  • -1 Hide
    kingssman , April 25, 2009 12:39 AM
    There's a Pokemon Institute?!

    Oh.. OHhhhhhh.. "Ponemon"...
    --
    gotta catch them all
  • 0 Hide
    Upendra09 , April 25, 2009 2:35 AM
    Business should all buy the laptops for their workers and disable the HDDs. Then that would force workers to save onto the companies network, or server. And if a ever a need comes that one needs to work at home on office work the company should offer a virtual pc setup where the HDDs are re-enabled and the next day when the person comes to work, the HDD is emptied into the server HDD. This is a simple and effective way to get rid of the problem with stolen laptops
  • 1 Hide
    croc , April 25, 2009 5:11 AM
    Our CEO went on a business trip to the US, and it took our IT / secutity groups two days to prep his laptop. Then it was confiscated by the TSA... Good luck getting anything off of it, wankers... It was encrypted with 2048 bit encryption, and had almost nothing of value anyway.

    We arranged for HP to loan him a replacement, talked him through installing our VPN client, and downloaded the bits he needed over the VPN. Three days later, we initiated a wipe script, and then HP reclaimed it.

    TSA never returned the laptop, either. Nice way to treat your allies...
  • 0 Hide
    rambo117 , April 25, 2009 6:40 PM
    then use norton xD
  • 0 Hide
    dark_lord69 , April 27, 2009 2:15 PM
    Seriously!!!??? What kind of software are these people using!!?? I can tell you from experience that ordering a corporate laptop is no where near that. All of our laptops are encrypted. The total cost of the laptop and ALL of the software is typically never more than $5,000. (Usually waaay less).
    I wonder what thier figures are based off.. Cause when a person here looses his or her laptop they may loose the data for a 10 million dollar client so when you take that into account well then our laptops are worth exponentially more.