Few things strike fear into the hearts of business leaders like security breaches. If simply losing data weren’t bad enough, companies that experience security problems can see their reputations destroyed, the number of customers dwindle, and their entire infrastructure compromised. It’s not a pretty sight, which is why businesses will invest large portions of their budget to protecting company data.
Now that bring your own device (BYOD) policies have become so popular, securing information has become that much more difficult. According to one recent survey, 70% of respondents say using personal mobile devices has led to an increase in problems related to security. Employees are using their own devices more than ever these days, so companies need to adopt the best practices for protecting data on them. Here are just a few for businesses to take a closer look at.
Employee Training
While much of the focus for IT security will likely be placed on outside threats, oftentimes it is behaviors by employees that can lead to increased security risks. These behaviors usually don’t have any malicious intent behind them; they’re simply done from having a lack of knowledge about the threats that are out there. That’s why employees need the right training on how to properly comply with BYOD policy and avoid possible security lapses. These training sessions should happen not just at the start of employment but every so often. Security threats are constantly evolving, and if employees don’t know about the latest risks, they won’t know how to protect their devices. Workers should also be taught how to use the right safeguards–password use, new software patches–to make sure their devices are appropriately protected.
Encryption
Almost everyone uses a smartphone now, many for work purposes. Sadly, a large number of these devices are quite vulnerable. A recent report indicated that up to 750 million cell phones could be easily hacked through simple text messages, and it’s all due to an encryption flaw. Devices that don’t employ the right encryption measures are setting themselves up to be compromised. Even more alarming is the fact that only about one-fourth of all small businesses even apply data encryption to their BYOD items. The lesson here is to encrypt as much as you can. Data that is encrypted will be that much harder to steal or make sense of. Encrypting a device or the information on the device is relatively simple too. All users need to do is turn on encryption for their device through the “Settings” menu on their phone or tablet–another process employees should be educated about.
Containerization
Personal devices with business data on them can lead to all sorts of problems if the device is hacked. That’s why when adopting BYOD, companies choose to use “containerization”, where the business data and personal data on the device are kept separate from each other. By creating a dividing line between the two, companies are better able to protect the business data by focusing on the apps employees use to access and work with that data. Essentially, it looks at each app as an individual security issue, protecting the ones that need the most security. Containerization also allows employees to use their device for personal reasons without fear of the company meddling unnecessarily with their personal apps of choice.
Mobile Device Management
Many companies choose to take the extra step in securing BYOD devices by using mobile device management (MDM). Devices that are connected to MDM not only have more security measures, they also have an effective failsafe–the remote wipe. With this feature, businesses can remotely wipe a device completely, basically erasing all data from the object in the event it is lost or stolen. This tactic might be controversial among some employees, especially when it deals with wiping a device they own, so BYOD policies should clearly spell out what will happen in case of an unfortunate event.
There are many other ways to help protect company data on employees’ mobile devices. IT policies need to constantly be updated, malware detection should be used for each device, and workers need to be warned about connecting to unsecure WiFi networks. All of these different strategies should be used together to have the best chance of keeping data safe and secure. Lost or stolen data is simply too costly for businesses. With enough planning and action, security risks will be minimized and company leaders will be able to breathe easier again.
Do you worry about your credit card data being compromised? Let us know in the comments.
~ Rick