As much as we prepare for the hustle and bustle of Christmas, it inevitably ends up descending into a mad rush. Such is the current landscape that we increasingly rely on the support of our smartphone to direct through it all. It allows us to make last-minute festive purchases online and on-the-move, helps us to navigate around the crowds to the work Christmas party and enables us to quickly check emails whilst trawling the stores for Christmas presents. However, the proliferation of the Bring Your Own Device (BYOD) trend means that many of us are supporting our personal digital activity with a device that is laden with a mix of both personal and corporate data. Should it go missing amidst the festive commotion it can leave a business vulnerable to data attacks and cybercrime threats.
There is a significant chance that a device will go missing. Smartphones are an increasingly hot commodity; thefts have risen dramatically in the last few years and this year alone more than 800,000 mobile phones were stolen in the UK, with individuals out socialising or using public transport the main targets. With their high price tag and valuable data content, it’s no wonder they are a prime choice. Add this to the fact that those out and about this Christmas are likely to be distracted by the festive atmosphere, and we begin to see a very real threat to smart device users this Christmas.
What is the consequence if a device does go missing? Although a business would hope its employees protect their smartphones and data from being compromised, this is not always the case. Recent findings from Juniper Research identified that more than 80% of the total enterprise and consumer owned smartphone device base will remain unprotected through 2013. Even simple forms of mobile security are being neglected; a shocking 51% of UK adults don’t even use passcodes like pin numbers, leaving data stored on the device or accessed through cloud apps at a maximum level of vulnerability. This goes to show that businesses cannot rely on employees to secure their own smartphones, which is a very real concern when corporate infrastructure and data is accessed through them on a daily basis.
A stolen smartphone has quickly moved from a temporary hassle and inconvenience to having the potential to compromise the security of an entire business. The ramifications are also financial – since the Information Commissioner’s Office (ICO) raised the maximum fine for a security breach to £500,000, businesses can no longer afford to be complacent over a stolen or missing employee smartphone. Not only can the loss of information affect the reputation and integrity of a company, impacting working relationships and future prospects, but it also has the ability to cripple a business financially.
As the cost of smartphones continues to decrease and with the threat of fines looming, businesses should focus on protecting corporate data contained within employee smartphones and other mobile devices, like phablets and tablets. Every one of these devices is a portal into corporate infrastructures and the data held within it, so it has never been more essential to put into place a system to control and protect data contained within a device. However, rather than grappling with the numerous manufacturers and OS systems used by devices, IT decision makers should try to consolidate the management of devices using software solutions where possible. Solutions can provide the visibility and flexibility to comprehensively secure different devices and applications, providing IT managers with the support required to embrace this era of BYOD. Ideally, this will enable both personal and corporately owned devices to exist in one single environment, allowing the implementation of robust security policies across the board.
Management of corporate smartphones will also help in the combat of cyber threats, which are now increasingly targeted towards mobile devices by cyber criminals moving away from traditional PC hacking. While innocently making gift purchases or downloading Christmas themed apps, employees could potentially allow hidden malware to gain access to their smartphone. Unprotected websites may be hot sports for cyber-crime and downloaded apps may be corrupted, putting the smartphone under further risk. Not only does malware have the capability to steal data from this seemingly secure device, it could also have access to data stored on the corporate infrastructure. By utilising a management system, IT leaders are able to monitor what apps are installed onto the device and locate and remove potential threats and unauthorised software.
Christmas is a time when employees can be distracted by the festive atmosphere, and rightly so; it is a time to relax and celebrate with friends, family and colleagues. However, absent mindedness while out shopping, socialising or travelling home is sometimes unavoidable and can often lead to a stolen or missing smartphone. Equally, a quick online payment or downloaded app could accidentally subject a business to a cyber-attack and consequential data breach. A savvy business should assess and understand external influences on their organisation; the busy Christmas period coupled with the rise in smartphone thefts and mobile cyber-crime demonstrates the need to be proactive in implementing an effective security policy for endpoint devices. When you get it right, it’s as simple as ‘track, manage and secure’ for the devices and information, within and outside of your business.