There has recently been a good amount of legislation that regulates privacy in industries related to health care, insurance, finance, and others.
It is generally the responsibility of the companies and organizations in these industries to make sure their data is secure and in compliance with these Federal Regulations.
Violations of these regulations often times come with stiff penalties.
With the rapid increase of smart phone usage and applications created in these industries, the question of mobile app security and compliance comes into play.
Most companies have good security measures in place to protect their private information, from data encryption to training employees on security protocol.
However, even if private data is not accessible by mobile devices, employees may still use their personal smart phone to store sensitive job related information.
In fact, according to a Zogby survey, 79% of smart phone users said they use their mobile device for both work and personal functions.
Among the top reasons for data breaches include lost or stolen mobile devices and user negligence.
Companies must take this into account and implement a strategy that enforces compliance regardless of this weakness.
It seems clear that many mobile apps pose a security threat to the information stored on those devices and in the applications.
In order to deal with this threat, a company must have a platform for managing their employee's mobile devices.
This platform needs to accomplish some of the following tasks in order to maintain legal compliance with privacy regulations.
1.
Password protection and lock down in case of failed login attempts.
2.
Full SSL over the air data encryption.
3.
Remote wipe to clear data from stolen or lost devices.
4.
Full encryption of data stored on a device.
5.
IT separation of data.
The IT department should be able to separate personal from company data, with ability to erase company data.
6.
User access rights to restrict data access in certain cases.
7.
Over the air updating by administrators for apps and policies.
8.
Device management client and network filter.
Anyone trying to access a restricted network without the proper management client will be filtered and blocked.
This list is only partial, but gives a good idea of what companies are faced with in dealing with mobile device technology.
There are also mobile privacy apps that people can install on their smart phones.
These privacy apps can accomplish several things including the ability to lock other apps, pictures and videos, install a fire wall, or scan for viruses and remotely wipe data from a lost phone.
No one mobile app could be considered as privacy compliant, there are simply too many laws and regulations.
Rather by user education and the implementation of security platforms by companies in affected industries that enable them to control the information on their employee's mobile devices, compliance will be achieved to a much greater degree.
It is generally the responsibility of the companies and organizations in these industries to make sure their data is secure and in compliance with these Federal Regulations.
Violations of these regulations often times come with stiff penalties.
With the rapid increase of smart phone usage and applications created in these industries, the question of mobile app security and compliance comes into play.
Most companies have good security measures in place to protect their private information, from data encryption to training employees on security protocol.
However, even if private data is not accessible by mobile devices, employees may still use their personal smart phone to store sensitive job related information.
In fact, according to a Zogby survey, 79% of smart phone users said they use their mobile device for both work and personal functions.
Among the top reasons for data breaches include lost or stolen mobile devices and user negligence.
Companies must take this into account and implement a strategy that enforces compliance regardless of this weakness.
It seems clear that many mobile apps pose a security threat to the information stored on those devices and in the applications.
In order to deal with this threat, a company must have a platform for managing their employee's mobile devices.
This platform needs to accomplish some of the following tasks in order to maintain legal compliance with privacy regulations.
1.
Password protection and lock down in case of failed login attempts.
2.
Full SSL over the air data encryption.
3.
Remote wipe to clear data from stolen or lost devices.
4.
Full encryption of data stored on a device.
5.
IT separation of data.
The IT department should be able to separate personal from company data, with ability to erase company data.
6.
User access rights to restrict data access in certain cases.
7.
Over the air updating by administrators for apps and policies.
8.
Device management client and network filter.
Anyone trying to access a restricted network without the proper management client will be filtered and blocked.
This list is only partial, but gives a good idea of what companies are faced with in dealing with mobile device technology.
There are also mobile privacy apps that people can install on their smart phones.
These privacy apps can accomplish several things including the ability to lock other apps, pictures and videos, install a fire wall, or scan for viruses and remotely wipe data from a lost phone.
No one mobile app could be considered as privacy compliant, there are simply too many laws and regulations.
Rather by user education and the implementation of security platforms by companies in affected industries that enable them to control the information on their employee's mobile devices, compliance will be achieved to a much greater degree.