According to Gartner research, one laptop is stolen every 53 seconds. And nearly 41% of all data breach events from 2005 through 2015 were caused by lost devices such as laptops, tablets and smartphones. What this research neglects to mention is that mobile device security developments have outpaced those of desktop operating systems, leaving laptops as a far greater source of risk than phones and tablets.
The result? U.S. organizations face the threat of a breach with an average cost of $3.86 million (according to IBM Security’s 2020 Cost of Data Breach Report). .
Shipping laptops is increasing your threat surface
With COVID-19 still posing a significant threat, it is likely that the majority of your workforce is still working from home and you have new staff members joining without ever stepping foot into a company building. This also means your IT teams are spending too much time organization the shipping of laptops to those new staff members.
And by simply shipping laptops to remote workers and third-party vendors, across the globe, you are opening your business up to unnecessary threat surfaces and security risks. Laptops can be stolen, lost, or compromised either within the shipping period or once in the hands of your new employee or contractor. Moreover, shipping and customs procedures at international borders introduce additional complexity and administrative delays that lengthen the time before a project can actually begin.
Company-owned laptops in the hands of remote staff and service providers introduce other risks such as malware intrusion from high risk end-user computing like web surfing or using public WiFi access points. VPNs provide some degree of protection from the risks of using uncontrolled and inadequately secured WiFI networks, but many VPN implementations provide insufficient protection against “man in the middle attacks”. And there remains a risk the laptop could contain viruses or malicious software obtained via high risk user behaviors. Once on the endpoint device, the malware will quickly penetrate into the corporate network via the VPN connection with inevitable consequences.
Shipping and customs delays aside, laptops are also at risk of being ‘lost’, stolen, or spied upon in countries with hostile nation-state cyber activity. Similar risks can be associated with any remote access solution that requires credential delivery using traditional email or other collaboration tools.
But an even bigger challenge for companies who distribute laptops to far-flung employees just might be keeping track of them all while ensuring their performance is up to speed, and keeping them secure. This requires a massive investment in time and IT resources – for starters, a live inventory of all company assets must be created and kept up to date. There are solutions that can help make this job easier for IT managers, such as auto-discovery placing physically trackable stickers on every asset, but these tools typically only tell half the story: You can’t tell what software is installed on the machine, what OS it’s running, or how often or when it’s being used.
Unfortunately, a large number of businesses who ship laptops to virtual employees end up with a lot of IT equipment scattered across different geographic regions, but very little insight on exactly where those assets are or what’s being done with them.
The cost of shipping a physical laptop to a contractor
The typical cost of buying, configuring, managing, and shipping laptops to consultants is around $3000 per laptop or per consultant, plus the ongoing costs of support and the costs of returning the laptop at the end of the project. In addition, there are costs that cannot be quantified but could be exponentially more expensive for loss of data, intellectual property, and reputational costs should a laptop be compromised, lost, or stolen. Shipping laptops also brings with it a loss of agility. The lead time to deliver laptop to remote contractors doesn’t just impact project start times, any subsequent resource augmentation or replacement to address a change in requirements or prioritization will also be subject to the same delays.
Project delays as a result of shipping laptops
Security vulnerabilities aren’t the only things putting your project at risk. Shipping delays can put your project timeline in the red. One service provider in Spain validated this story with us just recently. Although a relatively small and international provider, they offered a global set of experts with unique skills and global customer support, with this differentiator, they won a contract with a large financial services institution in the USA. Thus begins their laptop shipping nightmare...
The contract insisted the service provider use laptops owned, configured, and shipped by the financial institution. The customer shipped the laptops to the service provider in Spain and subsequently dealt with considerable delays releasing them from Spanish customs. After three months of paperwork submissions to the Spanish authorities, the laptops were finally released. However, by the time they were in the hands of the service provider employees, the tokens and access rights had all expired thus adding more time to resolve the security tokens and reset the access credentials. Meanwhile, the high priority project was severely behind schedule with the business owners becoming increasingly frustrated with the IT team within the financial services institution.
The solution? Virtualizing the laptop process
What if there were a better, more secure, more efficient way to onboard remote staff and IT consultants? What if you could eliminate the need for hardware altogether, remove the fear of endpoint devices being compromised or stolen, and eliminate the risk of data loss, while at the same time achieving far greater levels of business agility?
There is a way to completely virtualize the laptop shipping experience and turn the traditional method of onboarding workers on its head.
With a SaaS-based Secure Virtual Room, organizations can stop shipping laptops to the remote workers and global IT consultants. They can create a secured perimeter or virtual extension of their organization where they control the Windows and Linux workstations, install all the necessary tools and intrusion detection, and endpoint management tools; set system access policies and network segregation rules; decide who they want to invite into the secured perimeters and what policies they want to enforce; and are immune to threats to end-point devices. Moreover, IT organizations can switch from a capital expense to an operational expense model with elasticity to scale as demand goes up and down.