How to Keep Company Data Safe on Your Employee’s Mobile Phones

With “bring your own device” (BYOD) a part of many New Jersey companies’ operations, the need to protect corporate data on mobile devices is becoming of utmost importance.

Employee-owned smartphones, laptops and tablets can be fertile ground for security problems if business owners (and their employees) don’t take the proper precautions.

BYOD enables employees to work wherever, whenever and allows a mobile workforce to be more productive on the devices they are comfortable using. That said, you need to take steps to protect your business’ intellectual property and your clients’ data if hackers break in, or devices are lost or stolen.

Take these steps to ensure employee-owned devices are protected.

Develop a corporate BYOD policy. Have a policy in place and share it with all employees to keep your computing infrastructure safe. Ensure you track who is accessing what system and how they are accessing it, and have a good process in place to lockout users when they leave the company. Your managed IT service firm can help guide you on what to include and how to train your employees. Periodic audits should also be carried out to ensure compliance with the policy.

There’s an app for that. Whether on company-provided devices or your employees’ phones or tablets, a single software app can control access to all company information. Employees must login to the app to get access to everything they need to work – email, contacts, files, and your business systems.

When an employee leaves the company, or the device is lost or stolen, you simply remove their access, or change their password. Better yet, setup two-factor authentication for the app and its always protected.

Require screen locks, device lockouts or auto-wipes. Most smartphone users are accustomed to needing a PIN, passcode or a unique gesture in order to open and use their device. It’s an easy way to keep out unauthorized users and protect your files. Make sure employees know not to share their passcodes with anyone!

A lockout option can be setup to trigger after several consecutive unsuccessful log-in attempts.

Auto-wipe goes a security step further: after someone attempts (unsuccessfully) to enter the password or PIN, the device will automatically erase all stored data and revert to the factory defaults. NOTE: With auto-wipe, make sure that all data on the phone is being backed up automatically or else you stand to lose irreplaceable photos and other personal memories.

In in doubt, issue company-provided phones, laptops or tablets. Even small and medium-sized companies are investing in company-issued devices for employees to use to access corporate email, files, and apps. These devices can be preloaded with only the software and apps required for your business and can be locked to prevent employees from installing anything else. Your IT managed service provider can then control how employees connect to corporate files or access apps … and control how that data is shared. Especially in industries that have strict compliance mandates, such as financial services or health care, restricting mobile access to systems or data is critical.

Company-issued devices can also be monitored and remotely updated or wiped (business data deleted) when an employee leaves, if the device is lost or stolen, or when the mobile device is to be recycled.

Issue devices that employ data encryption. All endpoints, whether they are mobile laptops or desktop computers, should have the data that is stored on their hard-drives encrypted. This is especially important for mobile devices so that if the device is lost or stolen, the information on the hard-drive is still protected. For example, Microsoft Surface tablets use BitLocker to safeguard data on its hard-drive. Consult your IT service partner for recommendations.

Implement laptop safeguards. The FTC offers great tips on what to do and not do with your laptop computer. These include keeping careful watch over it, don’t leave passwords on it, use mobile device management to wipe sensitive data, and employ encryption.

Call us! We know how crucial it is to safeguard not only your clients’ sensitive information or your corporate data but your entire computing infrastructure. Our consultants will help devise the BYOD policies, procedures and protections your NJ company needs to keep your users working efficiently and safely. Contact us to discuss your IT needs, whether on premise, in the cloud or on mobile devices.