Flexible working models fuel surge in device theft

76% of respondents have been impacted by incidents of device theft in the past two years, with incidents more common in organizations with more flexible working models, according to Kensington.

For instance, research revealed that 85% of organizations with flexible working models experienced an incident of theft in the last 2 years, compared to 71% of organizations whose employees are fully onsite.

The study, which surveyed 1,000 IT decision-makers representing a variety of industries, revealed that device thefts resulted in significant financial and productivity impacts on their organizations.

• 30% reported increased insurance costs due to repeated device theft
• 33% were subjected to legal or regulatory consequences due to compromised data
• 30% suffered financial losses due to the need to replace devices
• 32% reported disruption to employee productivity.

Data breaches emerged as the top concern in the study with 46% of the participants reporting they have experienced a data breach as a direct consequence of an unsecured device. According to the IBM Cost of a Data Breach Report 2024, the global average cost of a data breach is $4.88 million USD, up 10% from 2023.

In organizations that reported experiencing a data breach or loss of sensitive data in their organizations due to an unsecured device, 60% of the organizations were not using security locks, compared to 38% who were.

While the study found that data breaches resulting from stolen or unsecured devices, such as laptops, desktops, tablets, and external storage devices, were the most concerning vulnerabilities to senior IT decision-makers, data loss resulting from insufficient digital security measures was also of concern:

• 43% expressed concern about unauthorized access to company data on devices;
• 23% worry about visual hacking (i.e. sensitive information being viewed in public spaces);
• 22% stated concern about the loss of sensitive data due to insecure home networks.

97% recognize the critical role physical security locks play in helping to prevent the theft of devices and the unauthorized access that often results. With the adoption of flexible working models by organizations of all sizes, devices are increasingly exposed to theft and accidental exposure as workspaces have moved from controlled office environments to home offices and public spaces.

Organizations using security locks were 37% less likely to experience a data breach caused by an unsecured device (38% vs. 60% among those who aren’t using security locks).

Based on survey results, organizations in the consumer services (65%) and public/private healthcare (57%) industries are more likely to have experienced a data breach as a consequence of an unsecured device.

The likelihood of device theft in smaller organizations (100-249 employees) has increased more (82%) than in larger organizations with more than 1,000 employees (69%), highlighting the relative impact to smaller organizations where resources are more limited, the impacts may be more pronounced.

Those in more senior positions are much more likely to report they’ve been impacted by incidents of thefts (87%), than mid-level managers (67%). It’s likely those in charge of running the day-to-day of a business are ill-informed of the potential threats facing unsecure devices.

84% of surveyed senior IT decision makers say security locks are cost effective in mitigating potential data breaches – that they offer significant value in preventing theft and breaches. Furthering this, 42% believe they’re extremely cost-effective.

While physical security measures like locks are effective, they must be part of a broader strategy to tackle security risks associated with hybrid working.