Saturday, 14 January 2012

iLab Robbery Lessons Learned

In the past year iLab has had over five hundred visitors. This Tuesday morning, January 10th, we had our first visitor who left with more than a bit of IT knowledge – instead, he took two of our computers.

The thief signed in at the security booth at about 9:28 am, informing the security that he had a scheduled meeting with us. He had visited the day before, sharply dressed in a business suit, and had inquired with iLab’s office manager about his local NGO working with iLab. But on Tuesday, as he made his way into the iLab for the 2nd time, he opened the lab door quietly and unpluggeed two laptops c
losest to the door and put them in his bag then slip out – all of this with iLab staff in the next room. The lab computers were not locked as they normally are, and the office manager was momentarily out of the lab.

Our IT Director noticed the two computers were missing within an hour and we called colleagues at a local GSM company. They were able to geotag the location of the phone number the thief provided when he signed in with security. With the help of the police’s Criminal Investigation Department (CID), the thief was found and arrested by the evening; the ex-pat who bought the stolen computers has also been arrested, and the police are now trying to recover the computers.

Lessons Learned

We at iLab have gotten too comfortable. Being on the last floor of a five-story building, surrounded by a huge fence and security system, we felt secure; although we anticipated the possibility of theft when first moving in and had locks for all the windows, doors and computers, the computer locks had not yet been reinstalled on our first days back from the holiday. We are just plain lucky that these were our two least valuable computers, and that only two of 16 were taken. Clearly, some changes need to be made – here’s what we’re thinking:

  • Bag checks by security when visitors enter and leave iLab
  • An automated doorbell that rings whenever the front door is opened
  • Having at least one iLab staff located in the lab at all times
  • Locks on computers and all equipment in the lab at all times
  • Making sure we have all the details of our equipment (not just the computers) – serial number, model and make – recorded so we can easily identify our equipment should it be taken
  • Possibly hiring another security officer to station directly outside the iLab door

This has been a valuable lesson for us about being in touch with the realities of one’s environment and not blinded by one’s feeling of security. As a public resource center, we don’t control what members of the public will come to iLab and thus we cannot assume what their intentions will be. If you have any other ideas on how we can improve the security of iLab, feel free to share.