Litigation attorney Chris Dix recently spoke at the Small Business Resource Network where he shared his insight on the topic of “Digital Devices in the Workplace.”
Dix spoke on how the use of smartphones in the workplace has become commonplace, but the prevalence of smartphone use has also created significant risk for companies that do not implement proper security measures to protect their own corporate data.
Companies can reduce risk and improve security on employee-owned smartphones by (i) implementing a Bring-Your-Own-Device (“BYOD”) policy and (ii) installing software on employee devices to ensure compliance with the BYOD policy.
Companies may also require their information to be transmitted and stored in secure app “containers,” which save corporate data in an encrypted format that is no longer accessible to the employee if the phone is lost or the employee is terminated. Use of a secure tunnel called a virtual private network (“VPN”) for transmission of data over insecure connections (e.g., public wi-fi) is another way to safeguard a company’s data (especially during transmission).
Additional resources include (i) the FTC’s “Start with Security” guide and (ii) the National Institute of Standards and Technology’s “Guidelines for Managing the Security on Mobile Devices in the Enterprise.”
Dix is a shareholder in the firm’s complex commercial litigation area and advises clients regarding cybersecurity, data breaches, social media, information governance and compliance with e-discovery rules and disputes.