Data security and mobile devices: How to make it work
There has been a lot of hype in the media about messaging tools. But recently, some of the headlines have taken a negative turn. Just last month, we read how a London-based banker was fired and fined more than £37,000 by the FCA for leaking confidential company data via WhatsApp. In this case, the employee stated that he simply wanted to ‘impress’ a friend. Not all cyber fraud is a crime of ‘boastfulness’.
There have been so many instances of employees leaking private company information for financial gains or other ulterior motives. Some might think that the most obvious way to answer is to simply ban mobile devices at the workplace. But is this possible in a world that has fully embraced the BYOD culture?
Having co-founded my first company when I was 18, and from the perspective of a tech entrepreneur with years of experience, I would have to say no. It would be next to impossible to restrict mobile devices, especially among agile teams.
I have seen the communications industry evolve rapidly over the past few decades. It has moved from being dominated by email to fostering a variety of communication apps and platforms. These apps include personal or social messengers and enterprise apps. And with any new technology, come certain challenges. The way forward is to adapt to the BYOD culture and embrace technologies that let us manage mobile devices securely, rather than ban them completely.
Focus on mobile device management
Companies should be paying more attention to mobile device management (MDM), which basically means the administration of mobile devices. MDM is an effective way of ensuring that employees remain productive and can access all necessary data and information, while keeping company data secure.
With MDM, companies can manage issues such as corporate data segregation, securing emails and corporate documents, upholding corporate policies, and integrating and managing mobile devices.
At the very least, enterprises should use MDM to restrict the apps that their employees can install on their devices. For instance, a company can restrict users from installing WhatsApp on their devices, and instead give them a secure team messaging solution. They can further ensure that only managed devices can access the company’s network.
Many companies are already monitoring what their employees can and cannot share by using MDM products and services. Earlier this year, Deutsche Bank stated that it would be banning text messages and online-based messaging applications including WhatsApp on company issued-devices. In fact, according to Zion Market Research, the global MDM market is expected to grow at a CAGR about 25% from about USD 1.35 billion in 2015 to USD 5.15 billion by the end of 2021.
Once you’ve decided to go the MDM way, the next step is to select an enterprise messaging app or platform that gives you better control over what your employees can share.
Choose a safe and secure enterprise messaging app
Make sure that you provide your employees with an enterprise messaging app that ensures the safety of your data. Select an app that gives you greater control over what information can be accessed and shared by users.
Use a tool that gives its users, especially team admins, the power to control their teams and its activities. Team admins should be able to control who can or cannot join a team, including blocking external domains. They should also be able to decide who can invite people to join the team – such as only admins or any member. Under file sharing restrictions, team admins should be able to manage file sharing permissions for users, including file type and size.
Choose a tool that gives its users advanced controls even at the channel level. Flock is based on these very principles and lets channel admins delete any message, and add/remove other members and admins. Such measures go a long way in restricting the outflow of confidential data and information via a company’s employees.
Making sure that your chosen app meets the industry standards for data privacy and security is also important. These basics include standards for data encryption, data center security, privacy of messages and profile data, secure app design, and access to user data.
Ensure employees awareness and compliance
Ultimately, your employees are your company’s best defense against attempts to breach data security. To ensure compliance, it is important to conduct regular safety awareness audits and workshops. It is equally important to manage and restrict employee access to sensitive information. It is a combination of all these factors that will help companies keep their data safe and secure.