We continue the previous post about Smart Balanced Philosophy.
It is still the employee's phone
The 'bring your own device' (BYOD) trend is expected to surge. Some predictions put the share of mobile devices that are personally owned and used for work at 85%. This means these phones will hold private data, private email accounts and private applications. Moreover, some of the private applications and data may be used to advance work tasks. What should be done about that? The business should deploy software and management tools to partition private and business information and applications; it should evaluate private applications on their own merits; users should be given a choice, but within boundaries; the business should protect itself from time abuse caused by consuming private data and applications while at work; and it should put clear payment and reimbursement policies in place. Another issue to take into consideration is regulation: make sure you are aligned with state regulations regarding users' privacy.
Rule 4: segregate private vs. business information and applications – logically and time-wise.
Mitigating lost data risk
Data loss comes at a cost. A Ponemon Institute study published in March 2012 found that organizations suffering a data loss paid an average of $5.5 million per breach, or $194 per record lost. The end user is often the weakest link on any business network. The greatest data security vulnerability is generated by insiders with privileged access. Negligence is the root cause of data breaches: most occur because of employee mistakes and lax operating procedures. Enterprise mobility adds to this risk. The problem can be controlled by getting executive management on board and by providing education. Eliminate the problem by building mechanisms that block unauthorized data transfers and allow controlled access to data.
Rule 5: institute training, protocols and tools to control insiders with privileged access.