United States

Bring Your Own Device vs. Enterprise Devices

April 20, 2019 by securewebsite

Why Businesses Should Make the Investment for Employees

Mobility has become a major asset for modern businesses. It gives companies an edge when employees can work from anywhere with remote access on any device ranging from a cell phone, tablet, smartwatch, or laptop. Mobile technology has enabled unsurpassed flexibility in the workplace the likes of which the world has never seen before.

But as Spiderman’s Uncle Ben said, “With great power comes great responsibility.” When it comes to mobile devices, many business leaders wonder which is better: Allowing employees to bring their own devices to work or dropping the money to provide enterprise devices to all employees.

The Advancement of Technology

The development of the smartphone has shifted the way people communicate on a daily basis. In a recent survey conducted by Zinwave, “Over 85 percent of respondents, which included more than 1,000 office workers within the United States, utilize their cell phones on a weekly basis, at a minimum, for external communications, and usage was only slightly lower for internal communications.”

Not only do modern workers use their phones for voice capabilities (i.e. phone calls), but they use email through their phones as a prime form of communication. The aforementioned Zinwave study found email was the preferred means of external and internal communication for people while they are at work.

The ability to access the internet, company information, and messaging services (text) has made smartphones and tablets a necessity when it comes to productivity in modern business. “For example, 65 percent of industrial and 62 percent of healthcare workers utilize work-related data daily for a variety of applications,” according to Zinwave.

Technology has removed boundaries, improved flexibility, and enhanced communications with lower overhead costs. It can be tailored to the user experience and specific needs of any business. Mobile technology has even allowed organizations to increase their revenue potential.

“In our information-rich society, there are two critical types of interactions that must be fostered: employee empowerment and customer engagement,” according to the blog “6 Ways Mobility Can Transform the Workplace” by iOffice. “For many, mobility has become the backbone of their interactive strategy.”

The BYOD Market

According to an online article at GlobeNewswire, the U.S. BYOD market size was $30 billion in 2014 and is expected to grow 15 percent by 2022.

“Declining hardware prices, increasing mobile user workforce, and high smartphone penetration are the factors responsible for increasing BYOD market share across the region,” according to the article, which sourced BYOD research by Global Market Insights. “Increasing personal technology along with IT consumerization is also expected to boost the industry.”

While the popularity and benefits of mobile devices speak for themselves, business leaders must consider whether to allow BYOD or provide the devices for employees. Traditionally, BYOD was a highly accepted practice. Recently, there has been a move to corporate owned, personally enabled devices (COPE), the practice of organizations providing employees with mobile devices due to concerns over security, IT compatibility, and legal issues over user privacy versus company control.

At ORAM Corporate Advisors, our recommendation for mobile device management is that every employee should have a corporate-owned device. With an enterprise device, you can manage all of the security, firmware upgrades, software applications, and tracking your employees require to do their job. Additionally, COPE offers many other benefits.

Providing Mobile Devices

When your business owns the line of service for its devices, it has more control. You get to select the devices you prefer your employees to use rather than paying for and having the headache of supporting all device types. Additionally, you get to keep your devices up to date so you aren’t forced to make your network support older devices.

Protecting Your Assets

A study from Wall Street Journal Custom Studios commissioned by Symantec, showed “79 percent of employees admit to engaging in risky behaviors- intentionally or unintentionally- that place corporate data at risk” and “48 percent of employees don’t think about security risks when transferring files or sharing documents over cloud-based services.”

With corporate devices, you’re protecting your business assets. If your business owns the devices employees use, you’re able to wipe them in case they are stolen or lost somehow. This can be done remotely and quickly for theft or loss to prevent personally identifiable information (PII), trade secrets, or other secret data from falling into the wrong hands.

If a device such as a smartphone is owned by the company, you can simply call the phone carrier and wipe the phone’s memory. You request this by stating, “I need access to X, Y, Z employee’s phone. Here are the records that we are authorized to do so.” If the phone is a BYOD that’s accessing the corporate information, your business doesn’t have that same ability. The employee owns access to the account and the functions of that device.

Easy Access & Support

The same is true of the ability to access data easily. This is important when every minute counts in business. Take a smartphone for example. If there are any files, emails, or different communications downloaded to a phone on a corporate account, you’re able to search and query that device on demand. This is an improvement over waiting for an employee to submit paperwork at the end of the month in their call log when you need information immediately.

In addition, employees who use COPE devices have support from your IT department. Employees’ personal devices may not be compatible with your business network which could cause functionality issues. With corporate-owned devices, employees can simply contact IT for assistance.

Regulatory Compliance

COPE devices allow a company to reduce their exposure to security risk as well as legal and human resource issues. With tighter control through COPE devices, your business can implement the security measures it needs to keep its data and network safe. Furthermore, litigation resulting from breaches, loss of data, and regulation non-compliance is reduced.

In a highly-regulated industry such as finance, your business will need to be able to report such instances of loss or theft against that device to regulatory agencies such as the Securities and Exchange Commission. This is especially important should your business be audited or examined by such an entity.

The Money Factor

You may be thinking that providing mobile devices such as phones, tablets, and laptops to your employees is not cost effective, but the fact is that it can be. First, consider that many organizations provide a stipend for employees who bring their own devices. That stipend in and of itself is a cost. If you’re going to have the cost regardless, you should have the control as well.

Group mobile plans are getting less expensive for businesses of all sizes and can be written off as a business expense on taxes at the end of each year. In addition, when it comes to tablets, laptops, and other mobile devices, organizations buy in bulk to get a better price which benefits both the business and the employee. Another option for reducing the cost is to set up a cost-sharing option for both the device and its use with your employees.

Finally, when it comes to keeping your business secure to avoid regulatory penalties for non-compliance, the potential for lost revenue, and easy access to data, the investment up front is worth the return. That sense of security is priceless for most business leaders who wish to avoid potential breaches, lost revenue, and issues that can be caused by disgruntled employees.

The Employee Factor

Consider your best salesperson. If they use their personal devices to access your business information such as sales logs, client contacts, and invoices, they have information that could potentially damage your business financially if they were to leave.

In addition, your salesperson likely gives your clients that personal mobile number so they can contact them if they need anything. If your salesperson were to leave the company, your clients would still call that salesperson who can then easily take your customers to their new company with them. This means a loss of revenue for your business.

Should an employee leave, your business gets to keep the phone number. This means their clients will still be contacting one of your employees at your business through the same phone number. This reduces the odds of lost revenue for your company.

Create Policy & Enforce It

Every business, especially those in highly-regulated industries, should create policies regarding BYOD. This is true regardless of whether you allow BYOD or employ COPE devices in your business. You need a very secure policy and the correct mobile device management in place. In addition, your policy should outline that only legitimate work will be conducted on these devices.

If you need assistance with BYOD or COPE devices, creating policy, or mobile device management, contact ORAM today at (617) 933-5060. Our IT and security experts are always here to help your business grow smart while reducing its risks

Personal Identity Management: What You Need to Know About Protecting Yourself Online

November 20, 2018 by securewebsite

We’ve all heard the nightmare stories. Someone had their bank account breached, their social media was spoofed, or, worse, their identity was stolen. Cleanup of such issues can wreak havoc on our credit, personal, and professional lives at a cost of billions of dollars each year in the United States alone. That’s why identity management is so imperative. Here are some facts, stats, and pointers to keep you and your family members better protected online.

Identity Management & Theft
Identity management is the digital security of your identity online. It encompasses your personally identifiable information (PII) such as your birthdate, address, and banking information. Your online identity also encompasses other information found about you online from your social media accounts including Facebook, Twitter, and Instagram to your credit card accounts. Identity management, or IdM as it is known in IT circles, authenticates the identity of a user, information about them online, and who is allowed to access or modify that information.

There are several ways that cybercriminals can steal your identity online with just a bit of your PII. Here’s just a sample of what identity theft can look like:

• Applying for credit cards or loans in your name
• Withdrawing funds from your savings or checking account
• Using health insurance to obtain medical care
• Employing your social security number to steal your tax refund
• Selling your PII on the dark web to other criminals

The Cost of Theft
Time and money are two huge costs affiliated with identity theft. Anyone who has had their identity stolen, their credit card credentials lifted, or their social media breached can tell you how much time it requires to play cleanup. According to a blog by LifeLock, the average time it takes to fix an identity theft issue is seven hours. The same online article reports that in extreme cases, people may spend up to 1,200 hours over the course of a year working to resolve such issues.

The sad truth is you may personally end up investing hundreds or even thousands of dollars to repair your good name and credit. Some of the common costs for repairing identity theft can include:

• Printing fees
• Sending documents by certified mail
• Lost time at work
• Hiring an attorney
• Gas
• Police report fees

The Emotional & Physical Toll
In addition to the time and financial costs of identity theft, there are other costs as well. The Aftermath study by the Identity Theft Resource Center found, “The emotional ramifications of identity crimes continue to leave victims negatively impacted well beyond the initial incident, impacting how they manage their daily lives in perpetuity.”

Identity theft victims interviewed for the study reported long-term feelings of anger and frustration (85.7 percent), and 83.7 percent reported that they felt violated. Another 69.4 percent said they couldn’t trust others and felt unsafe as a result of being victimized online.

The negative emotional impacts left people physically ill as well. According to The Aftermath report, 84 percent of the individuals who participated in the research said they had sleep issues as a result of the identity theft they experienced. More than 77 percent reported an increase in stress levels, 63 percent had problems concentrating, and nearly 57 percent said they experienced persistent aches, pains, headaches, and stomach issues. Another 54.5 percent reported increased fatigue and decreased energy while 50 percent of people lost interest in hobbies and activities.

The Socio-Economic Impact
The Aftermath study also looked at the socio-economic impact of identity theft as well. Nearly 30 percent of victims who participated in the research reported they had to go “to family or friends to ask for financial assistance while remediating their case. For those that could not find a way to get their other needs met, 37 percent went without whatever that need was.”

Respondents in the study reported employment and educational opportunities were also impacted. More than 30 percent of victims in the study said the incident caused problems for them at their place of employment while eight percent reported issues with school as a result of identity theft. Some victims said they lost employment opportunities, benefits, or their jobs because of what happened to them.

To make matters worse, almost 39 percent of respondents said they tapped their savings to address financial needs during remediation of their case. Some even had to dip into their retirement accounts or got into debt they otherwise would not have had.

“An alarming 42.8 percent of respondents noted that as a result of their identity theft incident, they are in debt and 40.5 percent said they could not pay their bills,” reported The Aftermath study.

New Account Fraud
When it comes to identity theft, new account fraud is the most expensive, according to an online piece by LifeLock. This occurs when someone other than you opens a new account, typically a credit card, in your name with stolen PII. The article reported that in 2011, the average cost of resolving this type of theft was $354 and 12 hours of time. Today, the number of fraudulent cases has only increased and the costs have also climbed.

Child Identity Theft
Though your children may not even be old enough to spell their own name, that doesn’t stop criminals from trying to steal their information, too. According to the 2018 Child Identity Fraud Study by Javelin Strategy and Research, more than one million children were the victims of identity fraud in 2017. The fraud of children’s identity led to $2.6 billion in total losses and more than $540 million in out-of-pocket costs to families, according to the same report.

One of the most disturbing trends found in the study by Javelin is that minors who are bullied online are at an even greater risk of identity theft. The research found that victims of online bullying are nine times more likely to be the victims of fraud than those not bullied online.

Here are some great tips to help concerned parents better protect their children’s identity online:

• Train your children to protect their identity in the digital age. For example, teach them not to share login and password information.
• Pay attention to children who may be being bullied online. Children seeking friendship online are more vulnerable to becoming victims of fraud by sharing their personal information.
• Check and freeze their credit. New account fraud is the most pervasive type of fraud against children. This is the most effective method for preventing new accounts from being opened in their name.
• Monitor their accounts. Parents and guardians must actively monitor financial accounts from child savings to credit cards. Review statements online and sign up for account alerts.
• Protect physical documents. Keep sensitive documents such as birth certificates, social security cards, and passports under lock and key.
• Take notifications seriously. If you receive a notification that someone has stolen your child’s identity or that unauthorized activity has taken place on one of their accounts, move quickly to rectify the situation.
• Ask for help. If you find your child’s accounts have been breached or their identity stolen, contact banks and credit bureaus directly. This is the quickest way to close unauthorized accounts and clear their credit history.
• Sign them up for coverage. Just as you can sign yourself and your spouse up for credit monitoring, you can sign your children up for the same protection as well.

More to Chew On
A 2017 study by Javelin Strategy gives us even more information to digest. Here are some more facts and figures from their research:

• There was a 16 percent increase in identity fraud over the previous year; a record high since Javelin began tracking the issue in 2003.
• Identity fraud increased by two million victims in the 2017 study over the 2016 study.
• That increase in identity fraud meant cybercriminals stole roughly $16 billion in 2017.
• Account takeover incidents and losses rose in the 2017 report to $2.3 billion, a 61 percent increase over the previous year.
• People on social media face a 46 percent greater risk in account takeover fraud than those who shun social media.
• Being an American puts you at higher risk. According to a 2018 Internet Security Threat Report by Symantec, more than 791 million identities were stolen in the U.S. in 2016 while France came in at a distant second place with 85 million identities stolen.

What You Can Do
To protect yourself from becoming the victim of identity theft or fraud, the first step is to protect yourself with an identity monitoring program such as ID Agent, which is what we recommend here at Oram. The program monitors the dark web for your information and notifies you if your PII is found there for sale so you can be proactive about blocking thieves. The great thing about ID agent that we love is that it also monitors social media and alerts you if someone is actively targeting you. It also monitors your credit through all three major credit bureaus to let you know of any new accounts or major changes.

Should the worst happen and you do experience an identity theft or fraud, ID Agent has certified restoration specialists that will work on your behalf to completely restore your identity, even if the issue started before you enrolled. When you enroll, you get $1 million in identity insurance to cover related restoration costs.

Here are some other things you can do on your own as well if you are victimized by cybercriminals:

• Review credit card and bank statements for unusual charges. Report any that you didn’t make.
• Notify your bank(s) and creditors. Send them a copy of your ID theft report.
• Place a fraud alert on your credit files and monitor your credit reports regularly. This requires that you contact all three of the major credit reporting firms: Equifax, Experian, and TransUnion.
• Put a credit freeze on your reports.
• Close accounts you know were not opened by you or those that have been tampered with.
• File a complaint with the Federal Trade Commission.
• Contact your local police department or the police in the area where the theft took place and file a report. Make sure you get a copy.
• Change all of your account passwords and PIN numbers. Do not reuse old ones or those from other accounts.
• Contact the social security fraud hotline and request a copy of your personal earnings and benefits statement.
• Check with your local department of motor vehicles to see about getting a new driver’s license number and license.
• Contact your utility companies so thieves can’t open a new account using a utility bill.
• Ensure you are using multifactor authentication on all of your accounts.
• Sign up for credit monitoring if you haven’t already done so.

If you need help securing your personal identity online or remediating an identity theft or fraud, Oram is here to help. Call us now at (617) 933-5060 or visit us online.