It doesn’t matter whether the device is employee or company-owned, hackers want your personal and business information. Hackers are becoming more and more sophisticated and creative on accessing your device. Every day, friends, co-workers, partners and businesses are affected by cyber-attacks at an increasing rate. According to a CNBC report, “Over a billion personal data records were compromised by cyber attacks in 2014.”
Do these three things to help prevent loss and theft of personal and company data.
1 – Use Device Locks: This is the first line of defense for the business, IT, and users.
Not all devices have the same level of prevention and can be susceptible to a greater risk of theft or compromise. This is a good reason why companies should buy devices for employees so that they can control the level of security and prevention used on a device.
At a minimum, for users carrying company information, ensure their devices meet a minimum enterprise level standard of security.
Using PINs, biometrics, and idle locks are ideal for devices without overwhelming the users.
Many Mobile Device Manager (MDM) or Exchange Active Systems (EAS) allow users to secure data quickly during standard business processes such as accessing a corporate website or application. Authentication is confirmed at point of service.
2 – Remote Data Wipes: Inevitably, a device will be stolen, compromised or lost. Remotely wiping the device can prevent future use of company data and personal information.
However, prudence and common sense must prevail as work and business life overlap on time and mobile devices. Wiping out personal and company data can create a backlash if these policies are not adequately communicated to all parties.
Some things to consider:
- Is the device a condition of the work arrangement?
- Does a policy exist on the consent and use of the device?
- Who is responsible for removing data from a device?
- What procedures exist to identify and prevent evasive techniques?
Many other considerations exist, but this is a good start.
3 – Mobile Location and Tracking: This is relevant from a security of data and personal privacy.
This is another fine line balancing privacy, security and business. Any junior NCIS agent can tell you an iPhone is a mobile recording device. It tracks user’s whereabouts, good or bad. I recall a story, one of the company employees was not at the sales meeting; he was traced by his phone to the race track! Alternatively, if you have ever left your phone in the taxi or airplane, use the tracking features to recover the device.
Some Bonus Best Practices:
- Put a Device Policy in place and monitor and audit users for safety and security.
- Encrypt data when and where possible.
- And the simplest one, educate your users on the Best Practices!
We want to thank our friends at Entreprenuer.com and TechTarget.com for sharing content used to help our customers make better decisions with their mobile devices.