Why Your Business Needs a Mobile Security Policy
This computer contained data on all American veterans who were discharged since 1975 including names, social-security numbers, dates of birth and in many cases phone numbers and addresses -- nearly 30 million entries in all. Although the laptop was later recovered, the VA suffered a serious black eye, and Congress demanded that Secretary of Veterans Affairs R. James Nicholson testify about the breach.
Rep. Bob Filner (D., Calif.) took issue with firing the worker, saying that the data analyst was authorized to take a laptop home and use a software package to access the data, contradicting Nicholson's previous testimony that the employee was not authorized to have the information at home. "He got all the approvals that he was supposed to have," Filner said. "I don't know of a policy that he violated, if you'll tell me one. And that's the real negligence -- that there were no policies."
Create Your Own
Privacy and confidentiality of your company's and clients' data is the hot button pushing the most recent regulations and compliance laws. If your company is affected by compliance regulation, such as Sarbanes-Oxley, HIPAA, the PCI DSS (Payment Card Industry Data Security Standard) or other regulations, losing a laptop could land you in serious privacy-violation hot water. TJX (TJX) has already spent more than $250 million recovering from a January data loss, with large class-action suits in the wings.
Creating such a policy probably isn't a do-it-yourself project. It's a good idea to sit down with a legal adviser and a security expert to find out where your company is vulnerable and what you can do to plug the holes.You don't have to build your policy from scratch, however; there are myriad sources to draw inspiration from. The SANS Institute's SANS Security Policy Project has a wealth of resources for writing security policies, including primers and policy templates. Or take a look through Charles Cresson Wood's Information Security Policies Made Easy. Creating a mobile device security policy is a crucial step toward reducing business risk when your employees are on the road. Of course, the next step is to implement that policy, so check back next week for tips for the traveler, as well as nifty tools and software to help keep your company's data on a leash.
Select the service that is right for you!COMPARE ALL SERVICES
Jim Cramer and Stephanie Link actively manage a real portfolio and reveal their money management tactics while giving advanced notice before every trade.
- $2.5+ million portfolio
- Large-cap and dividend focus
- Intraday trade alerts from Cramer
- Weekly roundups
Access the tool that DOMINATES the Russell 2000 and the S&P 500.
- Buy, hold, or sell recommendations for over 4,300 stocks
- Unlimited research reports on your favorite stocks
- A custom stock screener
- Upgrade/downgrade alerts
Jim Cramer's protege, David Peltier, identifies the best of breed dividend stocks that will pay a reliable AND significant income stream.
- Diversified model portfolio of dividend stocks
- Alerts when market news affect the portfolio
- Bi-weekly updates with exact steps to take - BUY, HOLD, SELL
All of Real Money, plus 15 more of Wall Street's sharpest minds delivering actionable trading ideas, a comprehensive look at the market, and fundamental and technical analysis.
- Real Money + Doug Kass + 15 more Wall Street Pros
- Intraday commentary & news
- Ultra-actionable trading ideas
Our options trading pros provide daily market commentary and over 100 monthly option trading ideas and strategies to help you become a well-seasoned trader.
- 100+ monthly options trading ideas
- Actionable options commentary & news
- Real-time trading community
- Options TV