Organizations have seen improved productivity and cost savings by allowing employees to use personal mobile devices for work. The bring your own device (BYOD) trend continues to rise, with 75% of employees using their personal mobile phones for work. But while many vendors offer mobile applications, they may not properly protect the information that is stored in applications on personal devices.
Unprotected information can easily be obtained by cybercriminals when devices are left unencrypted or unprotected by a passcode. Plus, there is the risk the employee will lose or misplace the device. Organizations need to take steps to reduce these risks.
Next steps
- Define policies for personal device usage: This includes how to securely access organization data, as well as the types of information that should be available on personal devices.
- Implement MDM to protect information: It’s a good idea to implement a mobile device management (MDM) solution. This solution places organization information in a separate “container” on the device, automatically applies a passcode to that information and allows for remote removal of the information in the event of employee separation or the device is lost or stolen. It also ensures encryption is enabled on the device before organization information is stored, as well as prevents sharing of information to other apps.
- Provide guidance on personal device use: Make sure employees know they need to regularly update mobile operating systems and apps, avoid using risky public Wi-Fi and avoid leaving devices unattended and unlocked. Provide this guidance on a regular basis to remind employees of the importance as well as help new employees navigate the policies.