Business doesn’t stop when you leave the office. We all use technology to get things done. This mobility also comes with a price. Hackers often take advantage of the general lack of tech savvy to take what they want. Here are four ways companies leave the door open to big problems and how to avoid them:


1. Not protecting employee’s phones


Smart phones are tiny computers that go everywhere we do. Accessing work email or other information on these devices also puts sensitive data out there. These complicated devices have many places to store and access data that can function like back-doors. Phones can also be lost, stolen, or easy targets for hackers. Address some of these risks by:


  • Having a written policy on use of smart phones to access company information;
  • Training and having employees acknowledge policy requirements in writing;
  • Requiring all devices to meet minimum security settings and have passcodes;
  • Evaluating a means to remotely wipe the devices when lost, stolen, or when it otherwise makes sense.


2. Failing to take the offense with social media


Social media can be an effective and inexpensive way to build a following. Social media is public by design and can create a different set of problems if not managed strategically. Consider the following when using social media:


  • Document a policy on use of social media by employees and vendors;
  • Check-up on social media accounts that are heavily automated to verify they continue to run as planned;
  • Implement checks and balances for accounts that may be managed by one person;
  • Change passwords frequently and make them complex for company accounts, management, or key employees.


3. Not saving data in multiple places


Many are migrating their important information to the cloud. Relying exclusively on the cloud also puts all of the data in the hands of someone else. Protect this important relationship by:


  • Having a plan for backing up data outside of the cloud;
  • Making sure that critical data is stored in multiple secure locations;
  • Carefully reviewing contracts with cloud providers to ensure that there are requirements for notice of security incidents—even when they may not directly involve your data;
  • Scrutinizing security protocols of cloud providers and consult with technical experts to ensure that these steps are sufficient for your needs; and
  • Verifying cyber coverage of cloud providers and consider obtaining your own policy.


4. Slacking on security


Data is always attractive to hackers. It can also be stored in unexpected places that people often overlook. Never let your guard down and definitely don’t assume anything when it comes to security. Check-up on your security by:


  • Tracking and holding someone accountable to make sure that all devices are routinely updated as these important patches become available;
  • Verifying that the current firewalls and antivirus programs are all properly installed on devices;
  • Documenting IT policies and training employees on common traps like phishing, malware, and fake WAPs;
  • Professionally wiping old devices and make sure they are properly disposed;
  • Establishing and communicating an incident response plan.


Technology can be instrumental or treacherous. It is no longer a matter of if a breach will happen—but when and to what extent. Make a plan for the worst before it happens in order to try to minimize later complications. Anything related to technology can be highly technical and create more problems if not implemented properly. Consult with professionals to help navigate these complicated technical, legal, and practical challenges.


Photo credit: Don Hankins via / CC BY