Technology has transformed the lives of millions of office workers, creating “work from anywhere” opportunities that provide flexibility, productivity gains, and increased happiness among the ranks.
Though relatively few companies outside of the tech industry are fully staffed with remote workers, nearly all have employees doing some work away from their desktops. Smartphones, laptops, and iPads are just some of the mobile devices in use around the clock.
If these devices have access to company email, servers, and databases (and how else would they be useful for work?) that means these devices are carrying sensitive data around.
We place a high priority on protecting our data from hackers trying to penetrate our defenses at the office, but just worrying about the home front is no longer enough. Imagine an employee travelling from a conference. He leaves his unlocked phone behind and an unscrupulous type with a bit of tech savvy picks it up and realizes it’s connected to a database with interesting customer data inside. Suddenly the company has a security breach and possible cyber liability exposure on its hands.
That can be an expensive mistake: cybercrime cost the big guys $12.7 million per company in 2014. Think it’s not a problem for smaller fish? The average cost of a cyberattack on a small business is $8,700, with most businesses being able to recover within three days, but 12% taking more than a week to be back up and running.
The huge benefits of mobile devices for businesses are beyond question, but they require caution as well. Here are some steps to take to avoid having those benefits turn into a (cyber) liability.
Require strong passwords — It sounds simple, but strong passwords are worth more than an ounce of prevention. Employees shouldn’t be able to use “password123.” Online tools help generate strong passwords that are also easy to remember.
Police ‘BYOD’ devices — It used to be that a perk of the job was a company-issued cell phone. But as prices dropped and mobile devices became ubiquitous in non-work settings, having to carry a separate work phone became a burden. The new trend is “bring your own device,” which can keep employees happy and save companies money, but policies must be in place to protect data. Mandating strong passwords, ensuring remote data wiping capability, and requiring the company’s I.T. department to configure the device’s work applications can help.
Watch the late-night phish — Clicking a link in a phishing email that appears to be from a vendor or colleague can expose your systems to viruses and or worse. Avoiding these mistakes during regular business hours requires an attentive mind. But let’s face it, we are all guilty of lying in bed, drifting off while reviewing email on a mobile device. Don’t let sleepiness be an excuse for clicking the wrong link.
Make sure you’re covered — If a data breach does occur, having comprehensive cyber liability insurance in place can mean the difference between a company’s life and death. These policies help manage cyber risk by providing liability coverage against data breaches. They will often cover not only legal liability, but income lost from business interruption.
Employees appreciate the benefits of technology. Making them feel invested in keeping the network safe is good business for all.
Bob E. Teittinen
Commercial Lender, Senior Vice President