Security of Company Data
With increasingly growing access of company data, including remotely from smartphones, company’s data security must be a topic of discussion at regular IT roadmap meetings you company owners are having with your engineers, either in-house or contracted.
This is becoming a regular issue when staff members lose tablets, laptops or smartphones. With no pin code or finger swipe set, whoever picks up that device could have instant access to your sensitive data. A lot of places have duty of care obligations when it comes to client data or their own company data.
There is also the personal obligation to looking after your own data. Are you professional if you leave your tablet in an Uber and there is no security set? Whoever finds it has access to your emails. They can send emails from your address. Imagine an inappropriate email being sent from your account to your clients. You have spent YEARS building up a reputation with your friends and peers, and even your competition, and it could be damaged by a simple mistake that most humans are guilty of.
Companies must have effective BYOD strategies (Bring your own device), which will also result in benefits for businesses including job satisfaction, responsiveness to important issues, increased job efficiency, and flexibility.
Allowing employees to use their own devices can provide cost savings for you, the business owner. It saves you from the initial purchase cost as well as the helpdesk support costs. Not good for madTECH Computers profits, but good for you, the business owner!
But as a result of the employee owning the device, this means the business owner maintains less control when compared to a device that the company owns.
An employer needs to get some things straight before allowing a BYOD strategy at their company. We need to make sure the company data does not merge with personal info. A key thing to note her is this. What email account is the employee using from their device? Is it company email or personal. If the employee is talking to key clients, communication should be done via the company email account or company cell phone number. If a key staff member leaves, your key client should be calling your phone or emailing your email address, not an ex-staff member.
If you go ahead with a BYOD policy, MTC recommends the following guidelines to be considered:
What type of company data can be accessed on the employee device.
How will the corporate data be encrypted and accessed?
How and when will company data be deleted from the BYOD device?
How will the data be transferred from the company servers to the employees BYOD?
Security
MadTECH Computers (MTC) of course recommends that antivirus should be installed on all devices that are used to access company data. Servers, clients, smartphones, tablets etc.
MTC recommend ESET Antivirus, and install it on all clients computers and servers. For BYOD devices such as smartphones, we would recommend ESET Smart Security for pc's, and laptops and Windows tablets. It includes:
Safe browsing for online banking and shopping.
Laptop tracking and find my laptop
Antispam and parental control, to help protect your children whilst they are browsing online.
Smart security will switch to silent mode if an activity goes to full screen mode, eg playing a game or watching video.
For smartphones, we recommend ESET Mobile security for Android. Apple doesn't allow ESET software, but does allow McAfee, which MTC can't recommend as we haven't tested it.
I think the best solution from ESET (our preferred supplier of Anti-virus), for personal use would be the ESET Multi-device security pack. This includes Smart Security, which is more fully featured than ESET Anti-virus, and you can install on 3 devices, which can be tablets, smartphones and pc's so it covers everything safely.
Reference:
http://www.computerweekly.com/opinion/BYOD-data-protection-and-information-security-issues