As a small business owner or employee, you and your fellow staff members are probably keen to get your hands on the latest smartphones, tablet PCs and portable laptop computers to help you with your daily routine in and out of the office.
Indeed, you probably already have one. The results of a Telstra online survey recently revealed that smartphone ownership has now reached 46 percent of the mobile phone-owning population in Australia, and will reach 60 percent by the end of 2011. Almost half of those surveyed (47 percent) admitted to accessing the Internet from their smartphones during work hours, 13 percent during business meetings.
Thus the King Canute approach to holding back the flood tide of mobile devices into your business is no longer possible. It’s time to recognise the security threats posed by these devices and put in place the technology, procedures and policies to deal with them.
Does lots of power pose possible threats?
Such is the sophistication of today’s mobile devices that they mirror their desktop computer equivalents in almost every sense. Smartphones today are packed with an immense amount of storage and computing power compared to even five years ago.
The famous quote, “With great power comes great responsibility”, is true in this case too. Your employees’ mobile devices are now as much a part of your IT resources as the server or database that you keep your client records on. This in itself means that the apps and files on employees’ devices now start to form a solid element of business risk.
A recent survey carried out by the Ponemon Institute on behalf of AVG Technologies found that 55 percent of consumers are aware that they may be putting their employers’ confidential business information at risk when using their smartphone for both business and personal use. The survey also found that 52 percent of those who are aware of the risk say that it has happened. However, only 40 percent are concerned about this.
“The problem here is that not only can people easily lose or mislay these devices, but there is a lot of malicious web-based content out there specifically designed to attack mobile computing users. So all mobile devices need to be password protected and have security software on them,” AVG Security Evangelist Lloyd Borrett said,
This is not plug-and-play computing
While mobile devices can significantly boost employee productivity when used conscientiously, small business owners need to realise that this is not plug-and-play computing.
They need to consider whether to allow employees to use mobile devices for both business and personal use. If they are going to be used for both purposes, employers should find out who is using what kind of equipment and what “apps” they are using and enforce company security policies to protect the business.
“We recommend business owners put together a policy document spelling out security requirements and permissible usage,” Borrett added.
To assist, AVG has put together a Small Business Security Guide, which delivers an 11-page action template covering the establishment of policies and processes to secure workplace practices and deliver governance over technology use.