By Joseph Ansanelli, Vontu, Inc.

Laptops have enabled us to work whenever and wherever we choose, greatly enhancing our productivity, but they also put huge volumes of confidential data at risk. When a laptop is lost or stolen, its resale value no longer depends on value of the hardware. It is all about the data.

In 2005, laptop theft alone accounted for 33 percent of reported data breach events, according to the Privacy Rights Clearinghouse. Laptops often contain corporate information, customer data and intellectual property, which, if unprotected, could undermine competitive advantage or force the organization to publicly acknowledge the possibility of a data breach, as in the case of the VA and many others. Such incidents may result in millions of dollars in customer notification costs, noncompliance fines, possible federal and class action lawsuits as well as brand damage.

According to a recent study by the Ponemon Institute, the average cost of a consumer data breach is $182 per record. Ponemon analyzed 31 different incidents, with total costs for each ranging from $226,000 to more than $22 million. Typical costs include legal, investigative, administrative expense, as well as stock performance, customer defections, opportunity loss, reputation management and costs associated with customer support such as informational hotlines and credit monitoring subscriptions.

In another recent Ponemon survey of nearly 500 IT security professionals, entitled “Data at Risk,” 81 percent of respondents reported the loss of one or more laptop computers containing sensitive information during the previous 12 months. When asked how long it would take to determine what actual sensitive data was on a lost or stolen laptop, the most frequent answer was "never." (See more coverage of this report in CIO.com’s sister publication CSOonline.com.)

In today’s mobile business environment, the protection of confidential data on laptops has become a top priority both for corporations and government agencies. To reduce the risk and impact of data loss, organizations must proactively secure confidential data before the laptop is stolen or goes missing, and be prepared to respond immediately when a theft does occur.

Following are three best practice steps that can significantly reduce your risk of confidential data loss and streamline remediation in the unfortunate event of laptop theft or loss.

Step 1: Design and Implement Comprehensive Laptop Security Policies The first and most important step is to review and strengthen your security and privacy policies to include provisions for laptops. A strong security policy reduces your risk of a breach and enables you to manage remediation efforts efficiently. There is no silver bullet solution that addresses every organization’s requirements to safeguard confidential data on laptops, but you can tailor comprehensive security policies to the unique needs of your organization. A comprehensive security plan should include: