Mitigate risks from using personal devices

Employers have seen improved productivity and cost savings by allowing the use of personal mobile devices for work. This bring your own device (BYOD) trend continues to rise, but while many vendors offer mobile applications, they may not properly protect the information that is stored in applications on personal devices.

Unprotected information can easily be obtained by cybercriminals when devices are left unencrypted or unprotected by a passcode. Plus, there is the risk the employee will lose or misplace the personal device. Organizations need to take steps to reduce these risks.

Next steps

  • Define organization policies for personal device usage: This includes how to securely access organization data, as well as the types of information that should be available on personal devices.
  • Implement MDM to protect information: It’s a good idea to implement a mobile device management (MDM) solution. This solution places organization information in a separate “container” on the device, automatically applies a passcode to that information and allows for remote removal of the information. It also ensures encryption is enabled on the device before organization information is stored, as well as prevents sharing of information to other apps.

Regularly provide guidance to employees on personal device use: Make sure employees know they need to regularly update mobile operating systems and apps, avoid using risky public Wi-Fi and avoid leaving devices unattended and unlocked.

SOURCE: WIPFLI