Mobile, Mobile, Mobile! Everywhere you go, everything you see revolves around mobile. Consumers are relying on their phones for so much more than just a phone call. We are accessing and storing images, videos, banking information, social profiles, music and most importantly – sensitive work information! IT Managers are trying to create BYOD (Bring Your Own Device) policies as quick as they can but they are not able to keep up with how fast technology is changing.
Ken Dulaney, an analyst from Gartner states, “The number of devices coming in the next few years will outstrip IT’s ability to keep the enterprise secure”. SMB’s need to make sure they understand the risks their business could face if sensitive business information is compromised due to mobile devices.
But, there is another element many companies may not be considering that can be just as detrimental to their business. Not only do companies need to make sure they have policies in place for how company information is accessed and saved from a mobile device but they should also strategize on how old devices are wiped cleaned when an employee get a new phone.
For years, IT Managers have been resetting computers and laptops back to factory settings before discarding or recycling but mobile phones store a lot of personal information as well and normally are not cleaned as well as they should before they are discarded. In a recent experiment 30 mobile phones were purchased from Craigslist;, half of them were cleaned but the other half contained information such as bank account numbers, social security numbers, work documents and court records.
61% of small businesses are allowing staff to use their smart phones to connect to corporate systems but only 39% apply data encryption on the device. So how do you make sure your company data is protected? You must educate your staff! Employees are using their own personal devices and they are deciding when to get a new phone and what phone to get. If you are allowing employees to access company information from their mobile devices you have to educate them on the risks for not only the business but also their own information if the phone is not cleared properly before discarding. Companies who invest in a staff awareness training program are 4x as likely to have a staff that understands the security policies and half as likely to have staff-related security breaches as companies who do not train their staff.
Sadly, most companies develop their mobile security policies after a serious incident has already occurred. Before allowing employees to access information from their mobile devices you have to educate them on mobile security and offer guidance on how to clear information from their phone. The owner’s manual, the wireless provider’s website or the manufacturer can provide information on how to permanently delete information before you discard a phone. Be sure to delete the following: phone book, call logs, voicemails, sent/received emails and text messages, folders, web search/history and photos/videos.
For more information on mobile device management and security please Contact Us and we can provide you with a Free Technology Assessment. Also, be sure to check out some of our Cloud webinar series and information on our WebSentry internet filtering and security tool.