Are Mobile Devices Putting Your Client Data at Risk?

If your employees are using their personal mobile devices for work-related tasks, your company's sensitive information could be in danger. These 8 tips can help you protect what's yours.
CEO, IDTheftSecurity.com Inc
June 18, 2014

The results of a survey released last year of 2,000 office employees revealed that more and more American office workers are blurring the lines between personal and business. Many are downloading personal apps and software onto employer-issued tech tools:

  • 73 percent have downloaded personal apps and software onto employer-issued tablets.
  • 62 percent admitted doing this with employer-issued smartphones.
  • 45 percent had done it with company-issued notebooks.

The worst offenders? Office workers ages 25 to 38 download personal things onto employer-issued devices more than any other age group.

On the flip side, more than half said they've used personal smartphones and other mobile devices to store, share and work on business documents.

Translation: Sensitive corporate data is quickly making its way off company premises.

Joining Forces

Although many companies have established a bring your own device policy, which allows workers to use personally owned mobile devices for business use, they are now faced with the issue of trying to come up with ways to keep work-related documents from walking off the premises. To gain control over sensitive or proprietary data, business owners and IT managers should know that “enterprise mobility management” technologies will help them control devices brought inside the corporate firewall. Google it. 

Employees must participate in the process, too—workers who bring their personally owned devices to work must look at those devices differently. Just think about this: Would you leave your journal or diary, laden with the most intimate, humiliating details of your life, perched wide open on an outdoor cafe table with a sign that says “Read Me” where dozens of people every hour would pass by it and feel free to pick it up and start reading through it?

Of course not. So why are so many people careless about the security of their mobile device, which contains intimate photos and other personal information?

Protecting What's Yours

Fortunately, there are simple solutions business owners can put in place to protect the company information their employees download to their personal devices. Just as a diary has a lock and people hide their diaries or other valuables from prying eyes and thieving hands, the following steps can help your employees treat their mobile device—and the information it contains—with the same urgency of security:

1. Make sure your employees' devices are password-protected so that a thief or the person who finds it after they lose it can’t do anything with it.

2. Have them enable the “erase data” function to kick in when there are, for instance, 10 password attempts.

3. Make sure any device they use for business purposes has a “wipe” function. With this feature, they're able to locate their mobile device if it's stolen or misplaced. They can then wipe the data without having the device in their hands.

4. Ask them to stay on top of those pesky update alerts. There’s a reason people get these: A security vulnerability was probably discovered. They should waste no time downloading the update.

5. They should beware of free download offers; they can be infected. Instead, they should buy all applications from an app store, rather than from some mobile-only site or one that's cluttered with advertisements.

6. If they install software that breaks their device’s walled garden, malware will be able to get in. Malware can be anywhere in cyberspace, and it can come with an app that they download. Anti-virus protection is a must to protect against this, especially for Androids.

7. Ask them not to be too click-happy. Always clicking on something can get them in trouble, since many clicks can lead to malicious sites that could infect their system or trick them into giving out personal information. They should think thrice before they click.

This "don’t be click-happy" rule applies especially to links inside e-mails. These scams often masquerade as an employee's bank, a popular online site or someone they know, trying to get them to type in a credit card number or Social Security number. Remind them never to provide personal information online just because an email has an urgent-sounding message. They should also ignore subject lines announcing they’ve inherited money or state “Your account has been suspended” and delete them immediately. This also goes for text messages about accessing accounts, offering bargains or updating operating systems. Unless they're expecting such texts, they should chuck ’em.

8. Remind them that WiFi is not secure, especially in public. To help your employees guard private information from an unprotected network, consider using a virtual private network service, such as Hotspot Shield VPN.

It doesn't take much to secure the information your employees need to do their jobs. A few simple strategies can help provide a protective shield for their mobile devices, so your company data is safe, no matter where your employees are.

Read more articles on mobile technology.

Photo: Getty Images

CEO, IDTheftSecurity.com Inc