Mobile Device Management
Advisors who are set on having their devices be as "smart" as possible may want to consider other options to protect them, including mobile device management (MDM). Generally speaking, MDM software offers data leakage protection similar to what might go on a personal computer in the office.
Microsoft, Research in Motion (RIM) and Good Technology are three of the biggest MDM providers, but they are all based on a similar concept: protect the device by creating an isolated computing environment, often referred to as a sandbox, for business applications, files and emails. The user is also able to go outside the sandbox to get to their personal web-based applications. In one regard, it is similar to centralized platform access discussed above, however, MDM allows for web-based applications to be accessed directly from the device.
With MDM, mobile devices must be registered and encrypted before the RIA allows access to the applications. This prevents unregistered devices from being able to access applications. In the event the device is lost or stolen, the RIA can wipe the sandbox.
The difference between going the smart platform route versus using MDM lies in who manages the platform. With a smart platform, the advisory firm typically relies on its IT managed services provider. The RIA's in-house IT staff might be able to oversee its MDM; however, the firm should also consider whether an outside vendor can provide this oversight more cost effectively.
The Basics
Deciding upon the right mobile security solution can take time, but there are a few steps advisors can take now to lend some interim protection to the data and applications on their devices. Here are three best-practice suggestions to employ immediately, and a quick google search on "self-protect mobile device" can yield others.
First, mobile devices should be set up to be erased through your provider. This way, in the event a tablet or smart phone is lost or stolen, the device can be wiped and reset immediately.
Second, all devices should be password protected and encrypted. Though the data is not necessarily protected if a hacker breaks through, the device will now have a minimum level of security in place to prevent this from happening.
Finally, never save passwords or log-ins on mobile devices. In the event a smart phone is stolen and ultimately unlocked, passwords for web-based applications are the last line of defense.
Protect The Data
When data and applications can be accessed anywhere, it is at risk of being tapped at anytime. This is why RIAs should focus on protecting access to their applications and data, and worry less about protecting individual devices. A lost or stolen "dumbed down" phone or tablet can be replaced with minimal business disruption, but this cannot be said of clients whose data or assets can be accessed from any device at anytime. RIAs should consider mobile device security as part of their firm risk management strategy, and put into place appropriate measures to sidestep the potential fallout from cybersecurity breaches.
Wes Stillman is CEO of RightSize Solutions, a provider of intelligent cloud technology and business management solutions for advisors. Stillman can be reached at [email protected].