last word

Security Danger…Personal Phones at Work

With employee-owned smartphone usage becoming a growing security risk in the workplace, experts at Wisegate offer these tips to help businesses stay out of trouble.

1. SHOP SOLUTIONS. Security solutions providers are busy coming up with solutions to the BYOD (bring your own device) security threat. The latest version of Blackberry Exchange Server, for example, promises to add security protection for all smartphones.

2. LIMIT EMAIL. Be sure employees can only access—but not physically download—your center’s email with their smartphones and similar devices when they sync with your server. That way, if they lose their phone, their email will still be safe and secure on your server.

3. FORCE PASSWORD STRENGTH. A security system is only as strong as its weakest password. Experts recommend passwords of more than 12 characters, including a mix of letters, numbers, and symbols. Program automatic rejection for passwords that are less complex.

4. LIMIT PHOTOS. Clearly define what workers can and can’t photograph to deter photos of products that are in development, company whiteboards, trade-secret work areas, etc., on Facebook.

5. DETERMINE OWNERSHIP. Deciding who gets the phone number after termination has become very touchy. One reason? A salesperson who takes his or her phone number along to the next job with a competitor could steal business.

6. WIPE CAREFULLY. Be careful where you wipe. Dealing with lost phones and other devices may be easier if you buy software that allows you to wipe business data only, while preserving personal data. Of course, that could create its own headache, as many people mix their personal and business data within the same application, folder, or file.

7. DEMAND TIMELY NOTICE. You’d think that an employee would quickly report a lost device. Then again, you’d expect that employee not to lose the device in the first place. Be sure to secure the promise of timely notification of a loss in writing.

8. SIGN AND UPDATE. To protect your business from ‘sign and forget’ agreements, have staff re-sign BYOD agreements every six months. Such precautions could help insulate you against lawsuits. EB

Wisegate is an invitation only social network for IT security’s key players. For info, go to wisegateit.com.

SECURITY PROVIDERS
Some of the security solutions companies you may want to check out include the following: Good Technology, MobileIron, Excitor DME, Fiberlink’s Maas360, Microsoft ActiveSync, IBM Lotus Notes Traveler, McAffee EMM, and SOTI Mobicontrol.