GDPR – managing mobile devices and your data.

Become a member of the Birmingham Chambers of Commerce

GDPR – managing mobile devices and your data.

Subsidium

Most of you will be well on your way to preparing for the enforcement of the General Data Protection Regulation (GDPR) in May. But have you thought about the mobile devices, tablets and IoT that your team use? Do you know if the data you have saved on those devices is covered in your plans and protected against loss or theft? Can you access the devices and remove data? As highlighted in the recent Facebook scandal; can you be sure that you are not accidentally sharing data with third parties through apps?

Q1) We only have a few mobile devices, can’t it wait?

Data protection and GDPR doesn’t stop at the desktop – the law is just as applicable to mobile and IoT devices. It doesn't matter if your company has one or a thousand devices all need to be compliant and secure. It is time to think seriously about allowing your employees to make calls, store contacts, access work emails and download work-related apps to their personal devices. The deeper you delve, no matter what your company size, you are likely to be managing an array of corporate and personally-owned devices that are authorised to connect to the corporate network. This makes it difficult to manage and prevent security breaches. It’s just as important to protect mobile and IoT devices, as centrally held corporate data can be accessed through them and they are increasingly becoming our preferred working device.

Q2) Where to start?

If you haven’t already, you need to get to grips with the location of any personal and / or business data you are holding. Consider; is it mobile? What devices your team may be storing contacts upon? The best way to do this is to complete a data assessment report. Within the report you should document how data is intended to be processed for regulatory inspections. You should examine if there is a potential for the unlawful and unknown processing of data without consent. Sharing data unknowingly within social media and third-party apps can be regarded as a breach. Finally, the assessment should also outline your data security breach plan. How will you manage a lost or stolen device and its data?

Q4) What can I do if a device is lost or stolen?

Devices that are stolen or stray into the wrong location, should be remotely wiped to ensure complete safeguarding. If you do not have this ability, it is time to consider if you’re going to allow your employees to save data on personal devices.

Q5) Is having a unique passcode enough to protect a device?

Using encryption to prevent unauthorized access and ensuring the device is password protected will minimize the risk of corporate data being compromised, in the event of a security breach. But this is just the start, other features such as an automated log-off after a certain period can also protect against illicit access. Want to be safe? Being able to locate and lock-down the device, 24 hours a day in any geographic location means you are confident the data cannot be breached should the device fall into the wrong hands.

Thinking about the future, a lot to manage!

That is where we excel. Subsidium Managed Solutions provides you with mobile devices that suit your business needs and are fully controlled (managed) using SOTI MobiControl. There is no need to buy a new fleet of devices, the software can be added to your existing fleet.

The Power of SOTI and Subsidium. SOTI MobiControl can control every aspect of business mobility, securing and managing platforms such as Apple iOS, Google Android, and Microsoft Windows. SOTI MobiControl can help businesses manage devices within the GDPR compliancy framework, including the ability to remote wipe a device, secure and locate a lost or stolen device and prevent data sharing within apps.