Reporting the Loss of Laptops or Mobile Devices
Are you unsure about when or how to report the theft, mysterious disappearance or loss of your electronic data processing media/equipment or hand held mobile device? Here are some helpful tips when it comes to reporting the loss and additional security of those items at the University of Montana!
In accordance with MCA 5-3-309, the University of Montana is required to immediately notify both the attorney general and the legislative auditor in writing upon the discovery of any theft, actual or suspected, involving state money or property under the agency’s control or for which the agency is responsible. Loss of these items should be reported immediately to University Police Department, as well as notifying the Risk Management and Insurance Director in Environmental Health and Risk Management at 243-2700. You will need to complete a State of Montana Report of Incident Form. Damages and claims expenses can result from the theft or loss and unauthorized disclosure of private non-public information that may be accessed via these devices. Even though the value of the item may be less than the insurance deductible, a report needs to be made to ensure that there has not been any compromise to sensitive data. Report any suspicious computer activity, including any possibly exposed sensitive data to Adrian Irish, IT Security Officer, 243-6375 or firstname.lastname@example.org.
Additional Security Tips:
- Be sure devices are set-up with log-in and password, passcode, or passphrase protection. (Do not store with the device.)
- Enable a firewall on your laptop.
- Use encryption to protect your personal confidential information on mobile devices.
- Do not store UM confidential data on your mobile devices.
- Devices should be kept up-to-date. Never delay applying updates. If unsure, contact IT Central (243-4357).
- Devices should be powered down and/or locked when not in use.
- Avoid using easily lost or stolen devices such as flash drives, memory cards, and/or USB drives when transferring confidential data. If you must use these devices, be sure that the device or data has been encrypted.
- Always backup information before traveling, and when possible take a “clean” device.
- Never access personal/sensitive information through the use of a public computer while traveling.
- Check online for travel security and export control information.
Confused, questions, or need more information? Contact the Risk Management and Insurance director at 243-2700; Adrian Irish, IT Security Officer, at 243-6375 or email@example.com; or visit IT's Security Awareness training site.