Have you ever thought about what business data is on your employee’s personal equipment that they use for work? Have you considered the consequences of that data falling into unauthorized hands? Did you know that mobile devices have come to the attention of cyber criminals as the perfect piece of property to exploit for their own gain? Often a mobile device has all your business contacts, emails and other intellectual property, which in the wrong hands could spell doom for you and your team. As mobile devices ingrain themselves more and more into our personal and professional lives, a diligent executive needs to consider these questions.
Consider all the business and personal transactions you do on your mobile device and home computer. Those tasks are increasingly becoming a hybrid of both business and personal activities. This trend is increasing in popularity among cash tight businesses that don’t have the budget to purchase and manage employee’s mobile devices and home computers.
The convenience we all see in bringing our devices to work needs to be balanced with their potential risks. Employees see convenience, some managers see increased productivity without increased cost, while others see employees squandering time on personal surfing. IT specialists see viruses and other bugs that get into computer networks through both personal and business devices every day and deal with dead devices that aren’t backed up completely and correctly.
The problem with BYOD or “Bring Your Own Device” is that consumer products like smartphones, laptops and tablet computers were not designed for business usage off the shelf. They require aftermarket security considerations like testing, secure firewalls, encryption, and controls on sending company data out of the network. Given the absence of antivirus software, proper patching, upgrades and backup solutions, working on personal devices is an accident waiting to happen.
Consider these things before using personal devices or consumer software in the workplace:
a. Software and hardware needs to be vetted before being introduced into the business environment. Consumer product vendors are less likely to patch security problems quickly.
b. We continue to see an increase in the exploitation of vulnerabilities in computers and mobile devices over the last year.
c. Smartphones and tablets are easily stolen or lost and often not everything is backed up. If home computers are being backed up it is with consumer grade backup solutions which are not as reliable and secure as business grade vendors with monitoring. (Need help finding back-up solutions for your business?)
d. All of the apps made available in your mobile device app store are not ready for consumer or business usage. Malicious software can find its way onto your hardware through seemingly benign software downloaded from these app stores.
- Educate yourself and your employees about the risks and precautions that go along with BYOD use.
- Maintain home and work devices with the current patches, upgrades, versions and virus protection (for Windows machines; ask us about our recommendation for non-Windows devices).
- Make sure you catalog all the places you have original data and have at least 1 backup. Add an additional offsite copy for critical data. Verify your backup by testing (it is the ONLY way to know its working). No not everything is backed up on your iPhone when you have iCloud enabled.
- Install a business grade router at home and at the office and keep up with the firmware upgrades. Have it set up by a professional if you don’t know the difference between WEP vs WAP and what the settings mean.
- Upgrade your firewall and include an integrated security subscription that filters your web traffic for viruses.
- Block access to social media sites, except for those people that need to make updates to your company’s social media channels.
- Be vigilant about opening attachments and links in emails and web pages. There is a big increase in hackers using seeming legitimate looking emails and websites to infiltrate your device and steal or destroy files. Fraudsters use socially engineered documents and links that appeal to personal or business tastes to gain a person’s trust and get them to divulge their personal data through fake surveys and contests for nonexistent prizes, like gift cards.
- Where loss or destruction of files would result in significant downtime or a compliance breach, strongly consider investing into equipment that is used for business use only. Keeping company and personal data, networks and devices completely separate. That means personal business on a consumer phone or home networks and commercial business on business grade devices and through business communication systems.
Technology can be tricky to keep up with security and usage best practices is the best way to protect your information and productivity. Backup solutions and using properly vetted hardware and software, especially on mobile devices and business computers, goes a long way to staying safe from data loss and operational shutdown.
Don’t want or have time to keep up with technology? Call CMIT Solutions and make it our job. This is what we do and we do it well. If it beeps or blinks and has a power cord, or lives in the internet, we consider ourselves the watchdogs. If you need help migrating to a technology business vendor, including telephone systems, video teleconferencing and cloud services & hosting, CMIT Solutions can help.
Questions? Contact Us today.
McCarthy, Bede. “Firewalls fortify as criminals target employee devices.” The Financial Times (16 Apr. 2013): 17. Print.
“Internet Security Threat Report 2013.” Symantec Corporation (2012): pages 35-39. Web. 17 Apr. 2013.
“Wi-fi routers susceptible to hacking.” CNET (2013) Podcast. April 19, 2013