Three Tips for Keeping Business Data Safe on Personal Mobile Devices
Think having your employees use their personal smartphones and tablets to access a company's network and data on the go is a smart and cost-effective idea? Think again. A report out today suggests that an increase in the use of personal mobile devices for business is making sensitive business information -- including email and business contacts, customer data and network login credentials -- a lot less secure.
Indeed, more than 70 percent of people surveyed by Sunnyvale, Calif.-based Dimensional Research say the use of personal mobile devices for work purposes have contributed to increased security-related problems. The report, sponsored by network security company Check Point Software, surveyed more than 700 IT professionals at companies of all sizes in the U.S., Canada, the United Kingdom, Germany and Japan.
The most incidents of mobile devices contributing to increased security issues were reported by people who work for telecommunications and transportation businesses, says Dimensional Research senior analyst Diane Hagglund, who wrote the report. Government-related and healthcare companies reported the fewest incidents, she says.
According to the report, the No. 1 factor affecting the security of sensitive data over mobile is a lack of employee awareness of a business's security policies. If you allow employees to use their own smartphones and tablets for work, consider Hagglund's top three tips for getting employees on board and contributing to the security of their mobile devices.
1. Teach employees basic mobile device security "hygiene." Employees should be made aware of basic safeguards such as using passwords, updating operating systems patches and having the capability to wipe a lost or stolen device.
"These things are not difficult to do, but it is not top of mind for employees focused on the convenience and fun of their devices," Hagglund says. "They typically do need to be told what to do, how to do it and then have ongoing reminders to keep it up to date."
2. Make it easy for employees to access tools. One idea is to create a repository of recommended business tools with easy-to-use instructions. "Then, host monthly lunch-and-learn meetings where people bring their sandwiches and their mobile devices and everyone encrypts confidential data and installs anti-malware with IT guidance," Hagglund says. "Employees who take more ownership for mobile security will benefit by having their personal information be more secure also."
3. Don't store business data on mobile devices. Remember, you don't get to take an employee's personal smartphone or tablet as you might other tools when he or she stops working for you. Hagglund suggests that you ensure the work applications you provide -- email, customer data, etc. -- do not store information locally on the device.
"This way, you can easily cut off access to corporate data without having access to a specific device," she says.