Are There Risks to the Mobile Executive Approach?
The mobile-device approach to working has become increasingly popular for many good reasons. It offers a travelling manager or executive access to his or her company’s resources no matter where they are. You can become a virtual traveling headquarters or command center. Flexibility, 24/7 access and the ability to work across time zones has redefined the role of executive-level personnel tasked with directing the activities of large corporate or multi-national enterprises. At that level of management, however, the mobile devices used can contain, transmit and receive huge amounts of highly sensitive information. Therefore data security becomes a greater concern.
Most people work better with devices that they can choose themselves and personally customize. Individuals also tend to upgrade their own devices more often than most IT departments will. Overall, the mobile executive can be more productive and better connected when the device that supports the traveling virtual office is a familiar one. This is part of what’s making the bring-your-own-device trend popular.
The BYOD approach is not limited to C-level or top management use. A growing number of companies and organizations are allowing a variety of employees to work with their personal devices. Travelling sales reps and field technicians are also prime candidates for personal device use. This represents a great deal of data that’s being handled off-site and out-of-sight.
What’s Concerning: Lessened Data Security Is a Primary Threat
All field-use devices can contain sensitive customer and company information, and that can lead to data-security issues at any level of the workforce hierarchy. Smartphone users have been shown to be less than fully diligent when downloading mobile apps. When 1,000 smartphone app users were surveyed, more than half admitted to not reading privacy policies before downloading. About a third said they didn’t use a password on their phones. This may not be the case with security-minded C-level mobile executives, but some front-line and middle managers may be somewhat less cautious. Mobile device users may also connect to public WiFi networks, perhaps only in cases of utmost need, but the possibility of cybercriminals scooping up sensitive data via WiFi can be a legitimate threat to company security.
Lost or Stolen Mobile Devices
A mobile executive, especially one whose responsibilities demand frequent interstate or international travel, stands a greater chance of being placed in situations with increased risks of device loss or theft. Encrypting all sensitive data stored on mobile devices, along with frequent changes of encryption keys and device passwords, can help protect your data in case a device falls into the wrong hands.
Equipping a mobile device with a tracking system can help locate a lost tablet or laptop, but a remote hard-drive deletion application adds an additional level of security. The ability to delete all company-related data stored on a hard drive from a remote authorized location can prevent sensitive customer and company information from being accessed by criminals or competitors when a mobile device is lost or stolen. Company acquisition plans, client financial information and trade secrets are just a few of the data types that can stand to be remotely deleted when a mobile device disappears. Government agencies and medical facilities carry an even greater risk potential if devices are lost or stolen.
Employees Leaving the Company
Employees can’t be counted upon to stay with a company forever. When employees leave — whether front-line managers, field reps or mobile executives — you can’t confiscate their device if it’s their property. It’s not uncommon, however, for a security-minded organization to change passwords and encryption codes when a key employee departs.
Non-disclosure agreements can also help protect your data when someone leaves. NDAs bring enforceable data security into the picture by way of the court system. This can be of particular importance to a business if the departing employee is hired by a competitor.
Security Training and Enforcement Can Go a Long Way Toward Protecting Data
If personal mobile devices are going to be part of the traveling or field operations workforce, the company onboarding process should include comprehensive security procedure training. Data security should be viewed as an employment issue, and reinforcement through repeated training and performance reviews should stress its necessity to remaining part of the organization. One-time training and discussion sessions may not be adequate for employees at all levels. Some employees may have long-term habits that need to be changed when they begin having access to sensitive company information.
Company policies and handbooks must have clearly outlined procedures regarding data stored on personal or mobile devices. This should be the norm for any organization running their operations with either company-issued or personally owned devices. A 24/7 go-to team can be assigned the task of providing a quick response to any employee who has questions or concerns regarding device security. This team can also serve as a vital hotline resource in case a device is lost or stolen and a remote-activated hard drive deletion is required.
Security Experts Can Make Your Data Protection Planning More Effective
It doesn’t matter if you’re a mobile executive yourself or if you’re managing a team of supervisors and field personnel who are using personal or mobile devices to conduct company business. In either case, you should take data security very seriously. Setting up data-security contingency plans, such as remote hard-drive deletion capabilities and data monitoring systems, can be a determining factor in keeping company and client information safe when it’s off-site and travelling. It can be in your company’s best interests to consult with security experts and make sure you’ve got all the potential liabilities covered. We can help. Get in touch with us to find out what your best options are to keep data protected when personal devices are in use.