Mobile Devices Are Indispensable
They provide flexibility and allow connection, but also pose a security risk for financial institutions. Tablets and smartphones provide a gateway to sensitive information like documents, systems, email, contact information, customer data and records, financials, social media and calendars. Scam artists want access to corporate and personal accounts, competitors want trade secrets, ID thieves want personal information, and criminals want customer data or a device to sell for cash. Smartphone theft is a growing crime, with billions spent annually to replace lost or stolen devices.
There are three things that can be done to help protect organizations from exposure to the threat that mobile devices present. First, implementing physical and technical safeguards to the devices, second understanding and minimizing communication risks, and finally, avoiding connectivity risks. In this part, we will explore the physical and technical safeguards that can help bolster security and reduce exposure to a breach.
The Best Physical Protection for Mobile Devices: Attention From Employees
This reality leaves open human error and judgment that increases risk and exposure to any business. The number one rule to impart upon any employee is to treat any mobile device like cash. In other words, if you wouldn’t leave a new Benjamin on the corner of a table in a restaurant, don’t leave your cell phone there either. Thieves view smartphones as cash – it’s easy to grab and easy to sell. In the same regard, devices shouldn’t be left unattended. Smartphones or tablets on desks, in conference rooms, or sitting on the seat of a vehicle are attractive opportunities for someone looking to steal and profit. Crowded areas should also be approached with added care. High attendance events or crowded spaces present an opportunity for thieves to grab a device and disappear into a crowd, often too quickly to even realize that something was stolen. Devices should be kept out of open sight, and protected close to and in the front of the body.
Technical Protection Is a Team Effort
Technical requirements can be more within the control of the organization, but still relies heavily upon each user. Strong passwords are important, and present a good opportunity as a barrier to a compromise. PINs that are four-digit in length are usually easy to break, and employees should be encouraged to avoid birthdays and anniversaries. A social media account allows discovering this information very easily, and it’s the first-step for any thief. More shocking, there are many smartphones that don’t even have a passcode, leaving the data on the device completely exposed. Frequently cleaning the screen is also important, as simple passcodes or patterns become easy to guess from the build-up of oil and dirt on the screen. Encryption should be a part of any organization policy for mobile tech, and should also include back-up of data to corporate databases related to that information belonging to the organization.
Finally, GPS tracking and wiping technologies should be deployed and required for any device with organizational data and access. Bring-your-own-device (BYOD) poses threats to organizations, and technology platforms, such as MobileIron, help to reduce the risk and provide a remote wiping option to the organization apart from the user. In situations involving terminations or an employee unable to locate a device, this can be an important tool to ensure data is secured.
Make Sure Your Financial Institution Clients Have the Right Coverage
Make sure your customers have the right insurance coverage from the financial institution experts, Berkley FinSecure. Contact any one of us below for help in making sure your FI customers are protected!
VP Sales and Distribution
Jon Martin 410-372-6325
Chuck Cook 913-553-8559
Jeanne Shrum 207-415-4587
Scott Harris 512-800-5393
Dave Cassel 443-987-8619
Pete Verretto 973-775-5233
Experts focused on your protection.
Products and services are provided by one or more insurance company subsidiaries of W. R. Berkley Corporation. Not all products and services are available in every jurisdiction, and the precise coverage afforded by any insurer is subject to the actual terms and conditions of the policies as issued. Certain coverages may be provided through surplus lines insurance company subsidiaries of W. R. Berkley Corporation through licensed surplus lines brokers. Surplus lines insurers do not generally participate in state guaranty funds and insureds are therefore not protected by such funds.
For additional information concerning W.R. Berkley Corporation’s insurance company subsidiaries, please visit: https://wrbc.info/