How LA Investment Advisors are Securing Mobile Devices

Craig Pollack | May 25, 2015

How LA Investment Advisors are Securing Mobile DevicesThe BYOD (Bring Your Own Device) trend is here to stay. Los Angeles investment advisors are using their smartphones and tablets for business purposes.

While this is great for productivity and saves the firm money, how are you securing mobile devices? Personal phones and tablets pose security risks. Mismanaged corporate devices present a similar problem.

Over 60 percent of the privacy breaches reported by the Privacy Rights Clearinghouse since 2005 involved compromised mobile devices.

Minimizing Risks Using MDM

When advisors have free access to the corporate network with their mobile devices, there is serious potential for company data loss any time that phone or tablet is lost or stolen. Even selling, upgrading, or exchanging the device can lead to catastrophe, as there will almost certainly be corporate information remaining on it.

Firm managers need to take a risk-based approach by deciding what data mobile devices will be allowed to access and store company information. Will it only be email, or will certain applications be permitted?

For maximum security, the firm will have to invest in a Mobile Device Management (MDM) platform that controls which phones or tablets can access certain applications on the network.

MDM plans can also configure both employee- and corporate-owned devices to resist hackers, implement data encryption and password protocols, and do a remote wipe and lock.

Establishing an Apps Download Policy

Apps can be tricky to control, and many of them can even be malicious. This is alarming when you consider that at one time, granting access to location data could also allow certain iOS apps to upload the user’s photo library. Android has similar vulnerabilities: any app authorized to access the Internet can potentially steal or damage files if it has been coded to do so.

Apps do present users with a list of requested permissions, but the problem is that the majority of advisors with their own devices will allow access to all so they can get on with using the app.

One solution is to impose restrictions on downloading apps to business devices. Many MDM packages support app whitelists and blacklists and can disable access to corporate data if suspicious activity is detected.

Conduct a Mobile Security Audit

All mobile security strategies need to include audits that examine the mobile infrastructure for loopholes and weaknesses. A typical methodology could include penetration testing on both the devices and the servers that control them and assessing their susceptibility to data breaches. 

Detailed audits will also reveal any gaps between an advisory’s firm’s current procedures and established best practices.

Bottom Line

Securing mobile devices should be part of your investment firm’s administrative and management infrastructure. Policies need to be reviewed at least twice a year and updated as the threat landscape changes.

Implementing a Mobile Device Management (MDM) package, coupled with employee training on best practices and annual device audits, can help companies make informed decisions on security investments as well as limit risk.

 

Has securing mobile devices become a priority for your LA investment advisory firm? Let us know your thoughts in the Comments box below.

And to follow-through on the tips introduced in this short article, be sure to download your free guide, Investing in High Net Worth Clients: The LA Investment Advisor's Guide to Using Technology to Manage and Grow Your Firm.

 

New Call-to-action

 

Author

Craig Pollack

Craig Pollack

Craig is the Founder & CEO of FPA Technology Services, Inc. Craig provides the strategy and direction for FPA, ensuring its clients, business owners, and key decision makers leverage technology as efficiently and effectively as possible. With over 25 years of experience building the preeminent IT Service Provider in the Southern California area, Craig is one of the area’s leading authorities on how small to mid-sized businesses can best secure and leverage their technology to achieve their business objectives.

Comments