Insights: Article

Our Continuously Connected Lives: What’s Your ‘App’-titude?

By   Jon Ault

January 15, 2017

As someone who heavily depends on my smartphone for my job, I can barely remember my “pre-smartphone” life anymore!  (Yes, some of us are old enough to have lived without smartphones!!)  But that is a thing of the past, today, everyone uses apps on a regular basis to make day-to-day life easier.  Need directions to a customer’s office?  Pull it up in Google Maps. Need to check in for your flight or your hotel?  We have an app for that!  Need to find a place to go to dinner tonight?  Search for local options on Yelp.  The conveniences of mobile apps extend into our professional lives as well, with always available email, mobile business analytics tools, etc.

This year’s theme for National Cybersecurity Month is “Cybersecurity from the Break Room to the Board Room”). A continuously mobile workforce presents several unique cybersecurity risks requiring attention from across the organization, truly from the break room to the board room.

App Security Risks
While there have been significant improvements in recent years the apps users install on their smartphones still pose a significant risk to personal and business data. The Android system with the Play Store from Google, the Apple iOS system with the Apple Store, and Windows OS with the Microsoft Store have built-in methods to help users identify apps and the security each offers, regardless each still have their own associated risks. Some systems will allow you to authorize and approve the access and permissions for each app that is installed. The issue for users with that model is in order for most of the apps to work properly you must authorize all the permissions without the users being able to properly research the application and publisher for security concerns. More work needs to be done in this area of risk for normal users to achieve better control on the security of their devices and personal information.  

Bring Your Own Device (BYOD)
One of the primary challenges of security in a mobile world is the blending of personal and professional data on a single device, owned by the employee.  (e.g., BYOD)  When employees are allowed to use their personal devices to access company information, proper use of Mobile Device Management (MDM) is particularly important.  Effective BYOD programs leverage three key strategies to manage risk:

  • Policies – Clearly defined rules for where and when use of a personal device for business use is acceptable.
  • Standards – A definition of what minimum standards the employee’s device must meet for use with company information and network access.
  • Tools – Implementation of a technical solution for MDM that allows for enforcement of company polices for security.  (Examples:  PIN requirement for unlocking the devices, Support for remotely wiping data from the device)

Data Encryption
Implementing proper solutions for data encryption is a key strategy for management of mobile devices.  Encryptions solutions are required for both data at rest on mobile devices (laptops, smartphones, tablets, etc.)  One of the most common sources of HIPAA breaches continues to be stolen laptops which is a risk that can easily be managed with relatively simply mobile device data encryptions technologies.

User Behavior
The upsurge of mobile device usage has resulted in a significant increase in the use of these personal devices to do company business in public locations. One of the most effective cybersecurity risk management strategies includes training employees to be aware of their surroundings.  Simple “shoulder surfingfrequently leads to significant breaches of sensitive company information. 

Wireless Security
Free public WiFi seems like a great idea, but can be a big risk for personal data theft. Most people believe that their information is secure as long as they type in their username and password. However; on a public WiFi or any network that is not known to be a trusted network then the user must take the security steps to protect himself.

Mobile technologies and apps have added a great deal of convenience to our daily lives; however, they have also added significantly to the cybersecurity risk at every organization.  More than ever, it is critical that your whole organization develop an “app-titude” for cybersecurity!

Latest Insights

July 13, 2018
Here are some idea for giving your new hire a smooth start into your business and alleviating stress for you.
July 13, 2018
The impact of the recent SCOTUS Wayfair decision will continue to have a ripple effect on businesses and state sales tax compliance.
July 9, 2018
The revenue cycle is a complex system and we have historically given much attention to the front-end and back-end while oftentimes leaving the middle functions of the cycle neglected.
July 3, 2018
FASB Accounting Standards Codification Topic 606, Revenue from Contracts with Customers, provides a 5-step framework for determining revenue recognition.
July 2, 2018
As part of the Tax Reform Act of 1986, the “Kiddie tax,” a taxing regime designed to make the transfer of income items by wealthy parents to lower tax paying children less attractive, was implemented.
July 2, 2018
When it comes to your employees, you likely conducted interviews on them when you first hired them.
July 2, 2018
Nearly ten years after the release of the initial exposure draft, FASB issued ASU 2016-02, Leases - The standard may have been issued, but the conversation about this re-write of legacy guidance has not slowed.
June 29, 2018
Banks look at three broad categories when considering small business financing: business cash flow, personal financial strength, and collateral value.
June 28, 2018
You need to be cautious when entering into a bartering relationship and remember to track everything and the key to accounting for bartering is making sure you still record the income earned and expenses incurred.