More and more employees are using their smartphones and other portable devices in order to work at off-site projects, at home or simply on-the-go. While this has greatly increased productivity in many respects, there are inherent dangers in essentially allowing access to corporate systems to go out the office door, with very little to actually safeguard this access. Every organization that allows their staff members to either use their own mobile devices for work-related activities and/or who issues mobile devices to their staff for external use, should ensure they have an all-inclusive policy to cover usage and security practices.
So what are some of the issues that can arise from the use of mobile devices used for corporate activities? Regardless of whether an employee is using their own device or a corporate one, it is very easy for any of the following to occur:
- a device is lost or stolen,
- downloading of questionable 3rd party apps,
- sharing of devices with unauthorized people,
- and/or using unprotected Wi-Fi sources.
If any of these situations occur, unless protective measures are already in place, corporate data can easily fall into the wrong hands. In addition to the expense incurred from cleaning up a data breach, are other costs such as loss of trust and potential litigation from clients, and loss of public reputation as a trustworthy source of products and/or services.
A good mobile device policy will cover two key areas, and both must be addressed proactively, rather than after the fact. The first part of the policy is put into place by IT administrators. Their responsibilities include:
- remotely locking lost or stolen devices,
- creating and enforcing proper password and encryption policies,
- discovering and restricting tampered devices,
- and ensuring corporate data is removed from personal devices upon employee termination.
The second part of the policy pertains to instructing employees on the proper use of their mobile devices. Employees need to follow certain protocols including:
- reporting lost or stolen devices immediately,
- following their employer’s policy on downloading 3rd party apps,
- following password and Wi-Fi policies,
- and not sharing their devices with family members or other external parties.
By creating a proactive and comprehensive mobile device policy employees will thoroughly understand what their employer expects of them and IT administrators will be able to quickly resolve issues if they arise. Using this two-pronged approach, maximizes the ability of any business to properly secure both corporate and client data. Please contact us if you would like more information on how to properly institute a mobile device security policy to protect your organization’s essential data.