Internal Controls Update – January 2024

Reporting Lost or Stolen Devices

From the Editor’s Desk

Each year I carve out time to meet with various departments, campus units and colleges. Recently, topics of discussion have been internal controls, policy, procedures, guidance and how to prevent and/or detect fraud. During my presentations, several individuals admitted that they were unaware of the requirements surrounding the proper reporting of lost or stolen equipment, especially the specifics around computers and handheld devices.

This past October, the FBI released data indicating several types of crimes were on the rise. I’ve also read reports that point to increased automobile break-ins, consequently that means theft has increased. The Society of Human Resources has reported a substantial increase in workplace fraud since 2002. In a 2019 report, it had increased 21%. As you can tell, properly securing equipment is important. This is becoming a popular topic of discussion. Various universities have been reporting on the importance of securing equipment and how to report lost or stolen goods. Teaching employees how to properly report matters is as important as the policy itself.

After meeting with several groups, I’ve noticed a relatable theme – one I raise in my presentations – which is properly reporting lost or stolen equipment. I cannot tell you how many meetings I have attended over the years. However, on numerous occasions, I witnessed unattended laptops as I walked through units en route to meetings or when I conducted planned engagements or attended conferences. I have witnessed individuals stepping away for a moment, leaving their laptops and system exposed without signing off and locking their devices. These instances prompted interesting conversations when I informed colleagues about the vulnerability of leaving devices unattended. Unfortunately, these types of practices and/or behaviors are ripe for opportunities for devices to be lost, stolen and even compromised.

For information, guidance and responsibilities for properly reporting lost or stolen electronic devices, please reference Reporting Lost or Stolen Electronic Portable Devices. As with any event, timing is crucial and understanding how to report matters is too.

by Rod Smith, Director of Internal Controls

Related Articles

University Employees Told Private Data is on Stolen Laptop

By Brent BonFleur, Channel 8 KLKN-TV

University of Nebraska-Lincoln officials say personal and financial information on more than 900 current and former employees were contained in a laptop computer stolen from a university consultant who was vacationing in Rome. The names, Social Security numbers, home and email addresses and financial account information on the laptop were password-protected but not encrypted, which would have provided extra security

Stolen University Laptop Had Personal Info

United Press International

Personal information on more than 8,300 students and employees of a lab school at the University of Florida was on a stolen laptop. The information on students and workers included employee payroll and current and former student information and included names, Social Security numbers, and in some cases, Florida driver’s license numbers. The laptop computer was stolen from the rental car of a lab school employee.

Professor Whose Laptop Was Stolen Violated University Policy

Associated Press

A University of Maine professor whose laptop was stolen, compromising the personal information of more than 600 current and former students, violated a university policy that prohibits employees from having students’ Social Security numbers stores on electronic devices.

A Former Yale Employee Admits She Stole $40 Million in Electronics From the University

Jaclyn Diaz, National Public Radio

Former Yale administrator Jamie Petrone pleaded guilty in federal court in Hartford, Connecticut, to two counts of wire fraud and a tax offense for her role in a nearly decade-long scheme to steal millions of dollars of computers and iPads from Yale University’s School of Medicine.