When I was an IT Director years ago, one of the Doctors I worked for said to me “cell phones are now computers.” I remember thinking to myself…he just doubled the amount of devices I support!
I hope he doesn’t read this blog because I have to say, he was right! He recognized immediately that the cell phone was a device that had to be dealt with. Tablets weren’t even thought of yet.
Bring Your Own Device (BYOD)
The amount of workers who BYOD to work is constantly increasing. These become devices on a network that you don’t own or control. Basically, you have to either trust the employee or come up with a mobile device management plan.
Mobile Device Management
Even today, securing the cell phone, iPad, and other mobile devices is sometimes an afterthought. Because it’s something you don’t “boot up” and do word processing on, it often gets taken out of the security loop.
Big mistake. It’s the mobile devices that will come back to hurt you.
There are many different ways to secure mobile devices. The most efficient way is to use a third party tool that gives you permissions to somewhat control what happens to the phone if it is lost or stolen. It also forces you to lock things down using encryption and a secure password.
Some employees do not like this and feel it is an invasion of privacy. However, if they want to use their own devices on your network, or have the luxury of a company owned device, these are some of the terms they will need to adhere to.
HIPAA
As part of your HIPAA security assessment, make sure you include your mobile devices. You should have policies in place surrounding the usage of these devices, and a plan for what happens when the devices are lost or stolen. The likelihood of losing a cell phone, tablet or iPad is much greater than losing the PC that is sitting on your desk.
Get a good mobile device management software and policy in place before you need it. It will help when you do!
