How a Cell Phones Security Policy Can Prevent Security Threats in the Office
written by: Finn Orfano•edited by: Bill Bunter•updated: 1/10/2011
The abundance of camera phones that also provide audio recording capabilities should make you take notice. Even in a secure environment, these devices can pose an information security risk to any type of business.
slide 1 of 2
Cell Phone Security Risks to a Business
Everyone has a cell phone these days. This is probably one of the more obvious observations that I could make but one worth pointing out. Why? I’m confident that you would be hard pressed to find a cell phone these days that DOESN'T have a camera if not video and audio recording capabilities. This translates to the possibility that many of your employees are carrying around some type of recording equipment in their purses and pockets and bring it in to work every day. This should be a red flashing light and at the very least, a valid cause for concern.
Another security risk posed by cell phones is that many have audio recording features. Conversations in person or over the telephone can easily be recorded, stored, and even emailed to another individual or group of individuals, right from the cell phone.
slide 2 of 2
Creating a Cell Phone Security Policy Can Help
So what can be done? You obviously don't want to completely ban cell phone use in your environment but there are some precautions you can (and should) take. First off, train your employees to lock their workstations when they are unattended. In the Windows environment this is as simple as holding down the Windows key and pressing "L." If company cell phones are issued, make sure to purchase models without a camera or video and audio recording capabilities. Perhaps even designate a part of your office for personal cell phone use; preferably an area away from computer systems or printers. Maybe limit cell phone use on company property altogether.
Whatever cell phone policy you decide on, try to be creative. You can bet that the individuals who aim to exploit sensitive information will be creative in their methods to try and avoid detection. Once a decision has been made, be sure and add it to your information security policy and get the word out to your employees.