WFG News

Defending Your Company in a BYOD Workplace

By February 9, 2017 No Comments

Today, just about everyone has a device that is roughly equivalent in power to entry level desktop computers that many in the financial services industry are still using to process their daily work. In an increasing number of cases, the technology that an employee can bring into a business is superior to the equipment already sitting on their desks. Is it any surprise that employees have embraced Bring Your Own Device (BYOD)?

Better technology makes employees more efficient. It provides the power to do more than they can with older equipment that has been made available to them. They quickly become frustrated when forced to use yesterday’s tools to complete today’s work. And yet, BYOD brings with it significant risks, especially for the financial services firm.

A recent story in PCWorld cites a number of instance where consumer data was lost when a laptop was stolen. Cases include a former physician at the University of Oklahoma, insurance provider Oregon Health Co-op, EMC and Hartford Hospital and SterlingBackCheck, an employee screening service. It’s not so much the bringing of their devices to work that poses the problems, but the taking them back out of the enterprise.

Chris Nerney from Mobile Business Insights provides these guidelines for helping financial services firms protect data on mobile devices:

  • BYOD policy must be fully formed before procuring tech support.
    Financial services companies must decide which devices and platforms to support, which employees should use BYOD devices for their jobs, which security measures should be deployed and which network services a BYOD device can access.

  • Devices accessing corporate resources must be clearly identified.
    This should be done even before developing a BYOD policy in order to give enterprise IT a realistic starting point for creating that policy.

  • Enrollment of their devices by employees should be easy.
    The simpler it is for financial services employees to enroll their personal devices with enterprise IT, the more likely it is that they will comply with the BYOD policy.

For more of his insight, see Nerney’s full article here.

Even with all of these safeguards, the financial services industry is moving away from BYOD. Executive peer groups have discussed the fact that expected cost savings and productivity increases have not materialized. WFG does not currently support BYOD for any device that has direct access company data. Staff can use personal phones and tablets, but they can not access their mail directly. The security risks are too high.

For more on information security, see our recent post on the topic, written by Bruce Phillips, our Senior Vice-President and Chief Information Security Officer.