Data Visibility & Protection Endpoint Security Insider Threats Education Enterprise Healthcare

Absolute Investigations July Roundup: Device Recovery Success Stories

July 15, 2021

3 Min Read

External threats to an organization’s IT infrastructure, including both devices and the data that resides on them, continue to be a high priority concern. But unfortunately, a more common threat to secure property is the risk posed by an organization’s insiders. According to the 2020 Cost of Insider Threats Global Report from the Ponemon Institute, insider threat incidents have increased by 47 percent over the past two years.

Remote work has greatly contributed to this rise. As more companies choose a hybrid work model for many of their employees, this threat will only increase. Absolute customers benefit from a firmware-embedded endpoint defense platform to strengthen device and data security, with the ability to enable an undeletable digital tether to every endpoint - no matter where it is - and lock, freeze, or wipe the device if it falls into the wrong hands.

They also have the support of the Absolute Investigations Team. With years of experience working with law enforcement, their work has resulted in many impressive device recoveries. Here are a few of the most recent highlights.

Failure to Return

A former employee of a communications firm in Canada returned only an empty box for the company-owned laptop. Their IT team notified Absolute, and investigators were able to determine the device was still being used at the location of the former employee. A phone conversation ensued, and the former employee first denied any knowledge of the location of the laptop. After some encouragement by investigators, the laptop was ‘found’ and shipped back to the company.

Stolen Student Laptop

A school district in Texas notified Absolute of a ‘missing’ laptop after a student informed IT his laptop was taken from his locker during Spring Break. Investigators used forensic tools to discover the laptop was being used at the home of the student who first reported it missing. The district’s security team went to the student’s home and successfully recovered their device.

Ongoing Internal Theft

A healthcare organization in South Carolina contacted Absolute when they became aware laptops were going missing. The matter involved upwards of 15 devices, but the company had a difficult time identifying all of them. Absolute investigators worked with IT to gather the necessary information to launch a full investigation with police support. They then were able to determine four devices had enough commonality in their connection history and provided police with the new user and location information. Law enforcement executed a search warrant based on the Absolute-supplied information and detectives found more than 50 laptops at the residence of the healthcare organization’s former employee. The investigation continues, but the Absolute customer is very happy with how it is progressing and the support provided by the Absolute Investigations Team.

Insider Theft

A department of education in Australia had assigned a laptop to a local school, but the connection log showed the device had left the network. The missing device was reported to Absolute and soon thereafter, the device came back online. Investigators could see it was connecting at a nearby shopping center and further digging showed it was at a computer repair store, so they implemented a device freeze and called the store. The owner said the device was sold to him by a technician that worked at the store who said he previously worked for the department of education and was authorized to resell the device. Law enforcement then got involved and the device was returned.

Also read: Absolute Investigations May and June Roundup

For more than 15 years, Absolute Investigations has helped organizations recover their stolen devices. Made up of former law enforcement professionals and other experts, Absolute Investigations uses forensics tools and techniques to locate devices at large and once found, they connect with local law enforcement to orchestrate their safe return. Learn more here.


Data Visibility & Protection Endpoint Security Insider Threats Education Enterprise Healthcare

Share this article

Financial Services