What to do if your company laptop or mobile device is lost or stolen

If your work laptop, phone or tablet is lost or stolen, act immediately. Report the incident, secure your accounts from a trusted device, and prevent unauthorised access by triggering remote lock or wipe if available. Early action significantly reduces the risk of data loss or compromise.

Lost or stolen devices are a common cause of security incidents. A calm, methodical response in the first few minutes helps contain the situation and protects both personal and organisational information.

Fast checklist

If your device is missing:

Stop using any accounts that were signed in on the device.
Try to locate the device using approved tracking tools if they are enabled and safe to use.
Report the loss or theft immediately to IT, security or your line manager.
Change your passwords from another trusted device.
Review your multifactor authentication settings.
Notify the police if the device was stolen, and obtain a crime reference number.

If the device contained sensitive data:

Inform your security team as soon as possible.
Follow any additional instructions for data protection or regulatory requirements.

The sections below walk through these steps in more detail.

Step 1 Confirm the loss and act quickly

Before assuming the device is stolen:

Retrace your steps and check likely locations such as home, office, car or meeting rooms.
If the device may still be nearby, avoid triggering loud tracking alerts that could put you at risk.
If you believe it has been stolen, do not confront the thief or put yourself in danger.

Once you are confident it cannot be recovered safely:

Treat the device as compromised.
Move immediately to secure your accounts.

Step 2 Report the incident

Reporting allows technical teams to take urgent action.

Contact IT or security using the approved reporting method.
Provide details such as the device type, serial number if known, when you last had it, and where it went missing.
If theft is suspected, notify the police and obtain a crime reference number.
Inform your manager so they are aware of operational impact.
If the device contains regulated, financial or client-sensitive data, escalate immediately using the highest-priority route.

Quick reporting is critical. The sooner the device is disabled or wiped, the lower the risk.

Step 3 Secure your accounts from a trusted device

Using another trusted laptop or phone:

Change your passwords for all accounts that may have been accessible from the missing device.
If you reuse any of those passwords on other services, change them too.
Review your multifactor authentication settings and remove lost or unknown devices.
Check for unexpected sign in activity on important services

Step 4 Trigger remote lock or wipe if available

Many organisations configure laptops and mobile devices with remote security capabilities.

Use the approved device management portal if you have access.
Otherwise, request IT or security to lock, disable, or wipe the device as appropriate.

Actions may include:

Remote sign out from accounts
Disabling biometrics
Blocking the device from corporate systems
Removing access tokens or certificates
Full remote wipe

Your security team will choose the appropriate level of action based on risk.

Step 5 Protect sensitive data

If the device held confidential, personal or regulated information:

Inform your security or data protection team immediately.
Provide details of the data stored and any applications that may sync locally.

Encryption on modern devices reduces risk significantly, but reporting is still essential.

Step 6 Replace the device safely

When arranging a replacement:

Follow your organisation’s process for issuing a new device.
Do not reuse old backups without confirming they are safe.
Reset your MFA if the lost device was used as an authentication method.
Confirm with IT that the missing device has been fully disabled.

This ensures you return to work with a secure and trusted setup.

Step 7 Prevent future incidents

To reduce the likelihood and impact of a future loss:

Use a strong device password or PIN and ensure encryption is enabled.
Do not store sensitive information locally unless absolutely necessary.
Keep devices with you at all times when travelling.
Avoid leaving laptops in cars, hotel rooms or unlocked drawers.
Use privacy screens and secure backpacks or cases.

Simple precautions significantly reduce risk.

Final thoughts

Mobile phone theft happens. What matters most is the speed, confidence and thoroughness of the response. Swift reporting, remote actions and account protection can turn a potentially serious incident into a contained event. Clear procedures and regular training ensure that when a device is lost or stolen, the impact is kept to a minimum.

Reviewed by: Katie Barnett, Director of Cyber Security

Last updated: 09/12/2025

Need support with device security or incident response
Talk to Toro about cyber incident response, device hardening, investigations and converged security support.

Categories: Cyber Security, Incident Response

Tagged: Converged Security, Cyber Incident Response, Cyber Security, IT Theft, Katie Barnett, Mobile Phone Theft, multifactor authentication, Report The Incident, Toro, Trigger Remote Lock

What to do if your company laptop or mobile device is lost or stolen

Fast checklist

Step 1 Confirm the loss and act quickly

Step 2 Report the incident

Step 3 Secure your accounts from a trusted device

Step 4 Trigger remote lock or wipe if available

Step 5 Protect sensitive data

Step 6 Replace the device safely

Step 7 Prevent future incidents

Final thoughts

Share this:

Latest Security How To Guides

What should you do to stay safe whilst commuting?

What to do if your company laptop or mobile device is lost or stolen

What should you do if you suspect a website DDoS attack?

What should you do if you suspect you have been vished (voice phished)?

What should you do if you suspect you have been phished?