Current Issues in Mobile Compliance

Secure mobility is a paramount concern of contemporary enterprises. However, as federal and state regulations become more rigorous and pervasive, staying mobile compliant also gets more challenging.

Here are the key issues that companies should be discussing with their IT and security departments to ensure continued 100% mobile compliance.

1. Lack of Effective and Efficient Compliance Practices

According to Ponemon Institute research, many IT professionals value the importance of compliance but struggle to develop efficient, effective practices. In fact, 58% monitor and test manually instead of using software tools, while 86% execute those tasks in a decentralized fashion, distributing responsibility across departments that may lack understanding of risk management. In the long run, a decentralized, manual process leads to higher IT expenses and also compromises enterprise security infrastructure.

These basic policies apply to mobile workforces and the devices they support. Today, more organizations acknowledge that smartphones and other wireless mobile handhelds are used by their workforce. A growing number have defined security policies for business use, including measures that must be acted upon to reduce business risk.

However, very few have established a fully automated, comprehensive process for documenting whether, when and how those mobile devices interface with corporate assets and potentially regulated data.

2. BYOD Policy Enforcement

The most significant issue in mobile compliance is an unstructured Bring Your Own Device (BYOD) policy at companies that just want to ride the trend. Without a clear policy on which data is allowed on personal devices, employees who leave the company may unknowingly take valuable information with them, which can be sifted through if the device is lost or stolen.

Furthermore, employees installing apps on their device may not give much thought to end-user agreements, thus putting the company-owned information stored on their device at risk.

That’s why it is crucial for companies to have a detailed BYOD policy in place to minimize or avoid such risks. Otherwise, inadequate management of BYOD devices can lead to severe damage, ranging from reputational loss to serious legal repercussions.

3. Use of Personal Email and Cloud Storage

In relation to the previous point, personal email and cloud storage services can also become a conduit for leaking corporate information. For instance, policies enforced on a Microsoft Exchange Server may work well for the internal email system of the business, but not provide protection for emails sent through personal accounts.

When not addressed, this can make e-discovery operations difficult if employees have sent relevant material using their personal email accounts.

4. Employee Training and Evolving Technology

Rigorous employee training combined with up-to-date systems and tools is crucial to remaining compliant with various industry regulations. However, many organizations, especially those that operate in the healthcare sector, struggle to meet these two requirements. According to Health Security IT, 28% of companies indicated employee training and evolving technology as the most difficult part of remaining HIPAA compliant.

Indeed, humans are the weakest link in corporate security. And without the right systems and tools, it will be much harder for companies to improve their security posture. Education and technology go hand in hand to ensure that all security measures work together.

Mobile compliance will continue to be a challenge in the years to come. But by acknowledging these issues, organizations have an incredible opportunity to enhance their security posture today for the years ahead.

Contact us today to learn more about our mobile enterprise messaging platforms.
