Are Mobile Devices Putting Your Business at Risk?
Smart phones are everywhere. In 2008, nearly 90% of respondents to a survey said they accessed email or company information on a smart phone purchased either by their company or themselves.
How many people in your company are now carrying emails, files, passwords and network access around with them 24×7?
Mobile connectivity increases responsiveness and productivity, but have you adequately addressed the security risks these devices bring?
The main risks you should be aware of are:
- A lost/stolen device or memory card with information stored on it
- A lost/stolen device with the ability to access the company network
- Interception of data over WiFi or 3G networks
- Interception of data over Bluetooth connections
- Departing employees with un-wiped mobile devices they personally own
- Lack of clear ownership of the phone number (if the phone itself is used for business)
What can you do to minimize these risks?
- Require passwords/PINs on all devices
- Use encryption for files and storage cards (this can require third party software)
- Restrict what software and which employees can connect to your network from a mobile device
- Use SSL encryption when setting up email accounts
- Use centralized solutions tied to your email/collaboration system that have remote-wipe capabilities
- Provide clear policies and training for your staff
- Include mobile devices with access in your end-of-employment security checklist
- Be sure you have ready access to carrier and account information
Are you aware of other risks or solutions when it comes to mobile devices?
