Mobile Security Still Lacking for Advisors

Monday, March 15, 2010 15:27
edit
Mobile Security Still Lacking for Advisors

I have had a number of discussions over the past six months with advisors who are leveraging the power of the smart phone to extend their reach beyond the office and computer. While this arena continues to evolve on the application, sync and mobile browser front - the achilles heel of mobility remains security.

This Website Is For Financial Professionals Only


These conversations came to a head at the recent T3 conference in San Diego in February on the Smart Phones panel. Nearly half the attendees to the session were carrying iPhones with the remainder spread across Blackberry, Android and a few Palm and Windows mobile devices. The panel was evenly represented as well, with myself on the Android (Google Phone) platform, two on iPhones, as well as a Blackberry and Palm user.

 

A good portion of the conversation discussed applications key to advisor operations - i.e. CRM, financial planning, reporting and even custodial tools - are slowly expanding to the mobile platform. The providers making these progressive moves are keeping security in mind - thinking through how they handle the presentation and storage of personally identifiable information on the local handheld versus keeping the data securely in their data centers. However, it was also unanimously agreed to - by panel and attendees - that overall handheld security is lacking for small business in contrast to the enterprise.

On the enterprise level amid larger companies - solutions both hardware and software based can be put in place to secure and even encrypt a workforce's mobile phones. At the small and mid-size business level there are no clear solutions that preserve usability while making implementation easy. I.e. for most of us at the small business level - we may have a dozen or less employees with phones from multiple carriers we need to protect.

Based on the massive success of the iPhone and the trickle down effect of Blackberry phones beyond the enterprise - the solutions are sure to come - in the meantime there are only some basic tactics one can take to protect the business data you may sync and carry on smart phones.

 

  • Immediately set a password for opening the phone for use - both when the phone is turned on as well as a timeout set to lock the phone after a period of non-use (i.e. 10 minutes)
  • Check with your carrier and handset provider to see if they have a remote destroy option for if the phone is lost and register, if required, to enable this service
  • Review the advanced settings for any of your sync tools to assess if you can "de-select" certain types of data from being stored on your phone. Your most critical elements for mobility are your calendar and contacts with phone and email. You can opt out of also sync'ing tax ids or other confidential information. 
  • Ask this question to your practice management tools providers - like CRM, portfolio reporting or other apps that have mobile extensions or even apps for your phones. They very likely have insight into how to manage the flow of information being stored on your phone.
  • If you lose a phone - stop whatever you are doing and get it disabled.

There will very likely be some personal use solutions coming in 2010 that could offer user friendliness and usable security - feel free to toss out your own practices or any applications you have found that contribute to mobile security.

 

Comments (2)

...
Searcy
If you have a web-based CRM (like RedTail), you could also opt to login to the mobile app rather than sync'ing data directly to your phone. However, make sure you log out each time to preserve the security and integrity of the database. Then the only information you have is phone numbers (if you choose to keep them resident on the phone) and email.
searcy , March 16, 2010
...
bwarrene
For Redtail in particular (other product may also do this with mobile apps) they enable the user to determine where data is stored and how much of it makes it to the phone. Thanks for your note.
bwarrene , March 17, 2010

Write comment

You must be logged in to post a comment. Please register if you do not have an account yet.

busy