Thursday, 12 January 2012

Is the data on your company smart phone protected?

We are all aware of the need to keep data on PC's and laptop computers protected , but are your company smart phones and tablets secure and can you guarantee that if lost or stolen the data cannot fall into the wrong hands?

European and English legislation on data and telephone compliance is there to protect consumers against misuse of data, ensuring that it is kept safe and is not used without consent.

A snapshot on some of the issues involved is freely given below.

Mobile Phone Security

Mobile phones make life very easy on the one hand, and very difficult on the other.

A study by TAXI, the magazine for the Licensed Taxi Drivers Association, revealed that during a six-month period a staggering 63,135 mobile phones were mistakenly left in London cabs. If they contained customer data and information that was not secure, then their owners could find themselves in breach of the Data Protection Act.

Mobile Phone Data Security
Mobile phones are common tools of the trade now for many businesses. However, in recent years these devices have become much more sophisticated. Many have the capacity to store over one million emails, as well as contact details of an entire customer base and other sensitive information, such as word documents and spreadsheets.

Think how important the data on your mobile phone is. Be aware, too, that if your employees have a company mobile phone, they must similarly be conscious of the importance of any stored information and contact details. We strongly recommend that you look at your own mobile device security strategy, and that of your company.

As a first step you should note down your mobile device’s IMEI (International Mobile Equipment Identity) number. This is often found underneath the battery and your mobile provider will require it when you report the loss or theft of your mobile. This should be a mandatory safety measure for all staff with company mobiles.

Action Points
Here are action points you should consider when formulating your mobile security strategy:

Enable the “Automatic Lock” function on your device, and set the lock period to the minimum time

Enable the “Require Pin” function or, if the option is available, the lock device on SIM card removal
If you use memory cards, enable the “Encrypt External Storage” option if supported by your device
Only store essential names, numbers and documents on your mobile phone
Check with your mobile provider if your device supports “Remote Wipe”, and know how to implement this
Keep your mobile provider’s number handy as they can disable your phone when you give them your IMEI
Be prepared to notify the Information Commissioner and your customers if a mobile device with customer data is lost/stolen
Further Action
There may be other things specific to your business that you need to think about, and you may need to create a mobile telephone policy and include it in your Company Handbook to ensure all staff are aware of the implications of storing data on mobile devices.

Contact the Author - Paul Clayton for more details data & telephone compliance