Many employees are still very careless when it comes to using smartphones and tablets. This is often primarily due to a lack of knowledge: “Why make it more complicated and use the company messenger when WhatsApp is much easier to use? If I use WhatsApp and co. once, nothing will happen! And the boss doesn’t need to know everything!”
With these views, companies not only run the risk of breaching compliance guidelines such as the GDPR, sometimes unknowingly, but also risk reputational damage.
In the first part, we have already explained the risks posed by unencrypted emails, data-hungry apps and the storage of sensitive data. Here, we will introduce you to further risks and how you can best deal with them.
1. phishing attacks in the browser
The tricks used by cyber criminals are becoming increasingly perfidious and difficult to see through. They are now so clever that they “smuggle” deceptively similar user interfaces into the browser. If you log in to a fake site with your access data, fraudsters can easily obtain your data. The data obtained in this way can easily be used by fraudsters for blackmail attempts or published on the Internet.
2. terminated employees
It is an unpleasant situation for everyone involved, but it does happen: Employees leave the company in a dispute and may feel they have been treated unfairly. In the worst case, they may even want to take revenge on their ex-employer. If there is still company data on the private smartphone that cannot be deleted remotely, ex-employees have enough ammunition for revenge actions that could cause enormous damage to your company.
To help companies protect themselves from the risks, we will give you a few tips on how best to counteract mobile shadow IT right from the start:
Control IT usage
It is important that you know which applications your employees have on their smartphone or tablet, especially if your employees process company data on BYOD devices. Applications such as WhatsApp access contact data and collect metadata that can be used to create personal user profiles.
Educate employees
Unfortunately, the answer to why data leaks and the use of unauthorized applications occur again and again is often: due to ignorance. The most important tip for sensitizing your employees to the issue is therefore targeted education. This can take the form of targeted training courses, for example, which explain the dangers of mobile data use and explain solutions.
Allow instead of prohibit
If companies prohibit their employees from using applications such as WhatsApp and Facebook on BYOD and COPE devices, the result will always be the same: People simply use it secretly. To prevent this, you should offer your employees intuitive apps that are simple and easy to use. On the other hand, the above-mentioned applications should be urgently banned for business use, but not for private use.
This is where a secure, mobile container solution comes in handy, which not only separates company data from private data, but also enables the container with the company data to be deleted immediately at the touch of a button if the device is lost.