Thursday, November 21, 2013

Minding Your PDQs with BYOD

One of the hottest topics in IT management right now is Bring-Your-Own-Device (BYOD) -- employees using their own personally-owned smartphones and tablets for work purposes. There's no point questioning whether or not to allow it: according to Forrester Research, more than half of employees are already using their own devices for work, and the IT research giant predicts that BYOD will be standard policy within 3 years.

From a business point of view, BYOD is great news. Your employees can be productive anywhere using the tools they like best, and their devices don't come out of your budget. But from IT's perspective, BYOD is a potential security nightmare. If an employee's mobile device is lost or stolen, your company could lose control of sensitive information — bank accounts, donor lists, patient records, investment accounts — and incur significant business, legal, fiscal, and reputational damage. But since your employees are using multiple operating systems on a seemingly infinite variety of devices, each running an ever-changing array of apps, there's no one-size-fits-all way to protect that information.

As a BYOD company ourselves, Xantrion is extremely familiar with the privacy and security concerns BYOD raises, as well as the mitigating measures companies can take. We've evaluated the leading mobile device management solutions and identified which ones best suit specific situations. We also understand the operational best practices, like organization-wide BYOD policies and employee training, that optimize the effectiveness of technical controls.

Letting employees use their own mobile devices doesn't have to mean losing control of your business data. Call us today for help sorting through your many options and developing a custom-tailored BYOD strategy.

Smaller Businesses Have Become Bigger Targets for Digital Criminals

We've never seen anything like it. In 2013 alone, hackers and fraudsters have made more attempts to compromise our clients' data security than they did in the previous ten years combined. The primary targets seem to fall into two categories: businesses that handle large sums of money (investment advisors, accounting firms, payroll companies) and those with revenues between $10 million and $50 million. We suspect thieves choose these small and midsize businesses because they're big enough to be profitable targets, but small enough to lack enterprise-scale security.

Digital risk management needs to be a top priority for your business even if it isn't in one of these higher-risk categories. Banks are shifting part of the liability for fraud from themselves to their customers, and insurance companies are denying coverage to applicants who aren't proactive enough about protecting themselves, so start laying the groundwork today:
  • Supplement the technology you use to block technical attacks, such as mobile device encryption, with procedural defenses that protect against sophisticated social attacks.
  • Ask your bank and/or auditor about best practices to protect your electronic financial transactions -- for example, requiring two confirmations for transfers over a certain dollar amount, or using a dedicated banking PC with Internet access restricted to your bank's website.
  • Consider having your business formally audited so you can use the audit to prove your adherence to best practices to insurance carriers, business partners, and regulatory agencies.
  • Work with an attorney to develop a response to fraud and data breaches before you need it.

Contact Xantrion today to find out more about how we can help you fend off security breaches and manage digital risks to your business.