4 Ways to Protect Data on Employee Mobile Devices for BYOD and Beyond
/For businesses, mobile technology means productive employees who can work in more places and collaborate in new ways. But greater mobility means greater risk of device and data theft and introduces complications regarding the divide between personal and company-owned data, especially when companies have a BYOD (bring your own device) policy.
So how's a business owner or manager to protect company data while also leveraging mobile technology? Based on our experience, there are 4 principles business owners should follow:
How to Protect Data on Mobile Devices
1. Minimize local data storage on mobile devices.
One way to keep company data secure is to keep it off of mobile devices, which doesn't have to mean a loss of productivity. There are a number of solutions, such as VPNs, terminal servers (remote desktops), and business-class cloud solutions (like Box), which allow users to access data that is stored on company-controlled servers or cloud storage platforms.
Of course, not all of these solutions will work in all cases. The right method will depend on what kind of data employees will be accessing remotely, as well as on how much control the company wants to maintain. We'd love to help you select the right approach for your business, so don't hesitate to contact us.
2. Protect data that is stored locally.
Sometimes some data must be stored locally on a phone, tablet, or laptop. In these cases, companies should consider methods for safeguarding that data.
The first and most effective is data encryption. If a device's data is encrypted, it will be virtually impossible for a thief to access it, even if the device itself is stolen.
Beyond encryption, companies should make sure to implement solid access policies managed and enforced by IT professionals, such as password protection, password strength (the default 4-digit passcode on devices like iPhones isn't strong enough), and biometric authentication when possible.
3. Protect devices physically.
This is the lowest-tech of the four principles, but certainly no less important. Companies should have policies stating that employees are to take reasonable precautions to safeguard mobile devices, such as locking their cars, not leaving devices unattended in public, and even keeping office doors locked. It's common sense, but we've seen companies suffer losses when employees' vigilance lapsed!
4. Plan for device loss, employee exit, or termination.
It's important to plan ahead for losing control of employee devices, both with the right technology and with clear policies regarding mobile devices. Solutions like mobile device management (MDM) software give employers granular, centralized control over mobile devices, allowing them to perform key administrative functions like remotely wiping company data and applications from a mobile device.
With technology like this, though, it's also important to have clear policies that employees understand and agree to, allowing the company to perform functions like remote wipe -- especially when employees are using their own devices.
This article came from a presentation Sean Wright, Affinity's President & CEO, gave at a Breakfast Briefing event co-hosted by Affinity Tech Partners and Constangy, Brooks, Smith & Prophette, LLP, on workplace policy tips related to technology.