Are Your Employees’ Phones a Massive Security Risk? HERE’S HOW TO PREPARE
If you allow your employees to use their phones for business-related functions, you have two options. The first is to simply change the passwords for all at-risk email and application accounts of all exiting employees to bar their access. This solution will work for most employees, but it
Last month, we covered the risks inherent in a “Bring Your Own Device” policy, where employees are encouraged to work from their personal laptops at home and in the office. It’s worth repeating that we never recommend this strategy due to a litany of security problems. But today, pretty much every one of your employees is coming to work with a super-powered smartphone in their pocket. How do you maintain security when every one of these devices poses a potential threat? An Easy Solution for Personal Phones and Tablets If your employees bring in personal mobile devices, but they don’t use them for work-related emails and applications, securing your business network is simple. If you have a separate “guest” Wi-Fi network that you allow customers and clients to access, you should provide this — and only this — password to your employees to access as well. If you don’t already have this separate network, it’s a piece of cake to have us or your IT vendor create one for you. It costs almost nothing. This way, even if your employees’ phones get hacked, the problem won’t spread throughout your business. Where It Gets Complicated The situation is more complex if your employees install and use apps that enable them to work from their phone, whether that’s their work email account, billing apps, or CRM software. In this circumstance, you need to make sure that no matter what happens with each particular employee, your data is secure. Imagine what would happen if a disgruntled ex-employee decided to sabotage the entire system? Even a stray email could have massive consequences.
depends on just how much data is at risk. Even if they’re locked out, there is still likely a wealth of valuable company information on their phone. If they’re a high-ranking employee and/or use their phone for the most sensitive day-to-day operations (like billing), that will likely not be enough. For these cases, you can provide a phone that the business has complete control over, or at the very least put a written policy in place to ensure that your IT provider can verify that your ex-employee has deleted all company accounts and can no longer access your network or data upon exit. Included in this policy should be a clause that says if they refuse, you will have access to remotely wipe all data from their device via installed software. If you’ve provided their business phone yourself, this is a simple matter, but if it’s a personal device, it’s trickier territory. Either way, you need to be prepared with crystal clear policies that you can enforce before crisis strikes. There’s virtually no way to stop your employees from bringing their phones to work, but make sure to formulate a plan to prepare for any contingency. The 2014 Cyber Security Intelligence Index reported in 2014 that 95 percent of all security incidents involve human error — don’t let your employees’ phones or tablets be the source.
Our Clients Say It Best
“We have been using MicroTech for six months, and I wish we would have made the change earlier. They respond to tickets in a timely manner and have helped us ensure that our systems are running as efficiently as possible. The staff is friendly and professional. I would highly recommend MicroTech to anyone looking for a new IT company.” –Jason S.
“I have enjoyed working with MicroTech for several years. In particular, Joe at MicroTech is prompt, professional, and a joy to work with. When I call in for assistance, he has my system up and running within minutes of my call. He is very good at solving IT problems, no matter how big or small they turn out to be. That alone has earned some respect.” –Karren H.
page 2
Made with FlippingBook Online newsletter