Mobile Devices Present Workplace Risks

Examine your CU’s vulnerabilities and shore up security where needed.

September 4, 2012

Cell phones, smart phones, tablets, personal digital assistants—just about everyone is using them to stay connected at home, on the road, and in the office.

But these mobile devices in the workplace, especially employees’ personal devices, introduce security risks to your credit union.

A little too convenient?

Relatively inexpensive, accessible, user friendly, and easy to transport, all of this convenience is risky for your business. While it’s probably not reasonable or even desirable to prohibit mobile devices at work, the security risks are significant.

They include:

Lost or stolen devices. One of the most remarkable features of mobile devices—their diminutive size—also makes them easy to steal or lose, rendering data stored on them vulnerable to theft.

Insider theft. A dishonest employee could easily connect a mobile device to a computer’s USB port to download sensitive data or transmit data via email.

This is a growing concern as clever fraudsters increasingly look to insiders as partners in crime.

Intercepted and decrypted data. Wi-Fi-enabled devices transmitting data over unsecure networks are vulnerable to Man in the Middle attacks, exposing not only the device but potentially the credit union’s network to hackers.

Viruses. Mobile devices offer fertile ground for hackers looking for broadly used technology with limited security. Acts as seemingly innocuous as downloading apps or ringtones may invite malware into the device—and potentially your credit union’s network.

Managing mobile risks

As mobile device use at work continues to explode, so does your risk. It’s important to examine your credit union’s vulnerabilities and shore up security where needed.

Here are five steps you can take to protect your credit union:

But if you permit business to be conducted on employees’ personal devices, investigate software designed especially for devices used for both purposes.

This software allows the business side of the device to be protected and provides security measures such as password protection, encryption, anti-virus protection, and remote wipe capabilities.

Even with the best security, the worst can happen. Our Cyber Risk Hub, offered at no additional cost to CUNA Mutual Group policyholders, provides the services of a data breach coach and other key resources in the event of a breach.

Check out the Cyber Risk Hub and other data breach resources at the Protection Resource Center.

KEN OTSUKA is a senior consultant for CUNA Mutual Group’s Risk Management team. Contact him at 847-612-9653.