One of the biggest–yet easily avoided–mistakes that credit unions can make when it comes to their data security is not planning and implementing a Bring Your Own Device (BYOD) policy.
In today’s mobile age, not having a smartphone or at least a cell phone is the exception and not the norm. Some of these devices are provided by employers, while some are brought in by the individual employee. For the past decade, more and more credit union IT departments are being relied upon to support BYOD.
No one can deny the number of benefits to using these devices. Multiple studies have shown that it increases productivity, allows for easier access to needed information, as well as access to your credit union’s systems. However, allowing access to smartphones, tablets and the like opens up an entire can of privacy issues that need to be tackled. Procedures need to be developed to effectively oversee and secure personal gadgets.
Are your employees using their personal devices while working? Do they use their work email accounts on their own phones? Do they access and edit work documents using their home computers? These are crucial questions that need to be considered in order to come up with and heavily enforce a clear policy that regulates what apps and software your employees need to have. Otherwise, you are putting your data in risky territory.
5 Questions To Answer Before Deploying Your BYOD Model
- Can employees bring their work-issued devices home and work from there?
- Can employees work using personal devices?
- If the answer to the above is yes, what security apps should they use to protect their data?
- Which secure email app are they allowed to use?
- Should employees use two-step authentication on their personal devices as well?
Steps To Consider In Order To Support An Effective BYOD Policy
- Come up with user, device and app requirements for your support process
- Measure user, security and device requirements for the BYOD delivery model
- Design/adjust your work environment for BYOD implementation
- Align your credit union’s business, user and IT requirements to the right security model
- Address potential user, security and device concerns with your BYOD policy
- Prepare your credit union’s IT department and users for BYOD by educating them on how the model will work
- Deploy the BYOD model and make sure it meets both device and user requirements
When we minimize the chances of smart devices being compromised, we avoid potential data disasters. With the right policy in place, you will be able to effectively protect your members, your data, your employees and your network from a potential data breach.