Your laptop was just stolen — what now?

A stolen work laptop is not just a piece of hardware gone. It's a potential breach sitting in someone else's hands. What you do in the next 30 minutes decides whether it's a $2,000 property loss or a six-figure data incident.

Why it's worse than most people assume

A determined thief with the right tools can bypass a Windows login in about twenty minutes if the drive isn't encrypted. That means everything on the machine — emails, saved passwords, cached documents, SharePoint sync folders — is theirs. If the laptop was still logged into email or company systems, they can walk right into your tenant.

Two real scenarios

The 30-minute checklist

• Remote-wipe the device from MDM (Intune, Jamf, Google) the moment you know it's gone.
• Revoke all active sign-in sessions for that user in Microsoft 365 / Google Workspace.
• Force a password reset on every account the user had access to.
• Rotate any saved credentials — password manager master password, browser saved passwords.
• Report to police and file an insurance claim — keep documentation for compliance.

What you should already have in place

• Full-disk encryption on every work device (BitLocker, FileVault).
• MDM enrollment for remote wipe capability.
• Short screen auto-lock — five minutes, not thirty.
• A published 'lost device' policy so employees know exactly who to call.