Laptop theft: a case study on effectiveness of security mechanisms in open organizations

T. Dimkov, Wolter Pieters, Pieter H. Hartel

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    6 Citations (Scopus)
    18 Downloads (Pure)


    Organizations rely on physical, technical and procedural mechanisms to protect their IT systems. Of all IT systems, laptops are the probably the most troublesome to protect, since they are easy to remove and conceal. When the thief has physical possession of the laptop, it is difficult to protect the data inside. Organizations open to the public, such as hospitals and universities, are easy targets for laptop thieves, since every day many people wander in the premises. In this study, we look at the effectiveness of the security mechanisms against laptop theft in two universities. We analyze the logs from laptop thefts in both universities and complement the results with penetration tests. The results from the study show that surveillance cameras and access control have a limited role in the security of the organization and that the level of security awareness of the employees plays the greatest role in stopping a theft.
    Original languageUndefined
    Title of host publicationProceedings of the 17th ACM Conference on Computer and Communications Security (CCS)
    PublisherAssociation for Computing Machinery
    Number of pages3
    ISBN (Print)978-1-4503-0245-6
    Publication statusPublished - Oct 2010
    Event17th ACM Conference on Computer and Communications Security, CCS 2010 - Chicago, United States
    Duration: 4 Oct 20108 Oct 2010
    Conference number: 17

    Publication series



    Conference17th ACM Conference on Computer and Communications Security, CCS 2010
    Abbreviated titleCCS
    Country/TerritoryUnited States


    • METIS-275686
    • Case Study
    • IR-74285
    • Laptop theft
    • SCS-Cybersecurity
    • EWI-18718
    • physical security
    • penetration tests
    • security awareness

    Cite this