Phone stolen, what does an SMB employer do (beyond what the user does)?
On loss/theft several things can happen at once: thief tries to access work data, SIM is abused for call/SMS fraud, MFA tokens are on the device. You need a 30-minute runbook, not an ad-hoc panic flow. Order: carrier block, MDM wipe, MFA reset, police report, insurance.
Try this first
- 1Call carrier immediately, block SIM AND request IMEI block (ask for both, SIM block alone is not enough).
- 2MDM portal (Intune/Jamf): initiate remote wipe, even if device may be offline, it wipes when it next reconnects.
- 3Entra ID / Workspace admin: reset MFA methods, invalidate recovery codes, revoke refresh tokens.
- 4Police report (online via politie.nl), insurance, and internal incident log for GDPR records.
When to bring us in
We have a runbook template and access to the right portals, in a real case we run all steps in under an hour. Call us first, do not try alone.
See also
- Work and personal apps blur together on the same phoneAndroid Enterprise and iOS-with-Intune can enforce a work profile, isolating business apps in a separate container.
- Setting up Microsoft 365 on a new phoneOutlook, Teams, and OneDrive run smoothest if you install Authenticator first and sign the others in afterwards.
- Moving Authenticator to a new phoneMicrosoft Authenticator has built-in cloud backup. Run it before wiping the old device, otherwise everything has to be re-added by hand.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.