Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .


Managing the risks of mobile devices

Robert Winter
By Robert Winter, chief engineer, Kroll Ontrack

Failure to keep customer data safe and secure can result in severe penalties for financial services firms.  For example, this year saw Welcome Financial Services (WFS) being fined £150,000 after losing the personal data of half a million of its customers.Robert Winter

Other high profile incidents include the case of two backup storage tapes that were lost by Cattles Group, containing the data of 1.4 million people, mainly customers of Shopacheck loans.

Removable disks and back-up tapes have created risks for banks and insurers for many years, but the new risk to consider is that of employees being allowed to opt into either Bring Your Own Device (BYOD) or Choose Your Own Device (CYOD) policies.
The risk has been created by the number of employees accessing work information from a remote device within UK businesses.  This has soared in recent times, with 10.3 million employees now using personal laptops, tablets and handheld devices for carrying out or storing work data.
The concept of BYOD is popular among employees and corporate management alike – particularly in companies where computing resources and budgets are limited. Seven per cent of UK employees (1.9 million) are carrying around confidential work data on their own mobile or handheld device which has not been supplied by their employer.
Employees know how to use their own devices and can more efficiently manage their work and life in an integrated fashion.  Companies can also save money on hardware and simply focus on usage policies and packages for their employee base.
However, despite the benefits, corporations and employees often forget important considerations. What happens if a device is lost or damaged? Will a lost or stolen device be remotely wiped? How will the device data be backed up? Many employees are not aware of the amount of responsibility they are assuming when using their devices for corporate purposes or that their privacy is at risk.
According to Kroll Ontrack research, privacy and security should be major concerns for employers, with employees risking the loss of important work information by using personal devices which are not supplied by their company. It shows that one in eight (12% or 3.1 million) of the UK’s working population have unintentionally lost work data from their work device within the last 12 months, either through malfunction or corruption.
According to the research, and despite the risks of losing confidential work data, one in five (21% or 5.7 million) UK employees admitted that they save critical work information on removable media devices such as flash drives.  This figure increases to 27% for those aged between 25 and 34.
One of the biggest challenges for financial services businesses today is to understand and manage the huge quantity of data they hold.  Unfortunately, due to an increasingly mobile workforce, the risk of losing confidential data is heightened exponentially, unless the correct preventative action is taken. As a result, businesses are not only jeopardised financially but also run the risk of damaging their reputation.
Organisations clearly need to do much more to help protect their data.  Companies must implement thorough policies and procedures to help staff understand rules and security features surrounding BYOD.

BYOD Checklist
Before employees use private devices for work, they should ask some important questions and clarify these issues with their company’s IT department:

  • Backup Responsibility: As soon as company data is involved, certain compliance requirements apply. Is it the employees’ responsibility to save their own data at specific intervals or do the company’s IT specialists take care of that? What tool is used to conduct the backup, who makes it available and who monitors compliance?
  • Data Loss: Mobile devices are not robust and the memory is easily damaged. If there is no backup and the data is important, a professional expert may be able to help. But who has to arrange for this and who will foot the bill? In addition, many people don’t realise that it is not possible to distinguish between company and private data during the data recovery process. When a data recovery is performed, data will simply be restored. Often times the file names can no longer be read, so all files have to be opened and checked in order to disentangle private and company data. In this case, privacy cannot be maintained.
  • Loss of the Device: Two main issues arise if the device is lost or stolen – first, who will replace it, and second, the obligation to inform the employer. Are there rules as to how soon the company must be informed about the loss? Does the company intend to take quick action, such as remotely blocking access or deleting data?
  • Remote Deletion: Some companies require employees to install a program on their device that allows data to be deleted remotely in case of loss or theft before they may use the device for company purposes. Many people do not realise that the deletion is not specific to company data, but affects personal data as well. In other words, if employees don’t regularly save all their personal contact information, photos etc. – via their provider’s online services, for example – they may lose them all.
  • End of the Employment Contract: Most people change employers sooner or later. What happens to the company data on the private device in that case? Who checks that it has been deleted? Will care be taken to ensure that private data is not lost during the process?
  • Convenience or Privacy: Of course it’s convenient to have just one device for both private and professional purposes – only one password, only one charging cable, etc. However, it is still not possible to separate the different kinds of data precisely, so companies often save employees’ private data as well, depending on backup and logging requirements. BYOD often means sacrificing privacy and everyone has to decide for themselves whether it’s worth it.
Kroll Ontrack advises that organisations have a clear data recovery plan in place. When looking for a data recovery provider, they should make sure the selected provider is willing and able to work with them step-by-step, keeping them apprised of the data recovery process and what can actually be recovered. It is also advisable to find a data recovery provider that has the resources to perform emergency, remote or onsite recoveries and from systems that are proprietary or unique to their environment.
Anyone who’s interested in data recovery can visit more information and a quote.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post