BYOD policy for financial firms
BYOD adoption has become widespread across a number of industries, but none more so than financial services. According to a recent Bitglass survey, this industry leads other major sectors in supporting employee-owned mobile devices.
It may seem counterintuitive that an industry understandably predisposed toward caution would aggressively integrate disruptive technologies such as mobile and cloud with legacy IT architectures designed for reliability and stability. Yet a growing number of banks, insurance companies and financial advisory firms are leveraging a forward-thinking BYOD policy to improve employee productivity and customer satisfaction while increasing efficiency and flexibility.
This is happening despite the considerable security, regulatory and compliance concerns surrounding financial data. Financial firms recognize that success in the digital economy requires speed, agility and a relentless focus on the end-user experience — all of which are enabled by a sensible BYOD policy that meets the expectations of a digitally savvy workforce.
“As employees become increasingly mobilized, [financial] institutions can expect to achieve improved customer experiences, cost savings from expanding their mobile workforce (particularly in areas like wealth management and lending) and the ability to attract and retain new staff from today’s mobile-centric population as a growing number of employees in the financial services industry want to use their own mobile devices to access company networks and applications,” noted analysts at the International Data Corporation.
BYOD devices, coupled with customized mobile apps, do more than satisfy the consumerized expectations of financial services employees — they also empower these workers. The following are some examples:
- Mortgage officers can use loan-tracking apps on their smartphones or tablets to manage and prioritize loans.
- Financial advisers can use apps that deliver information and alerts to their BYOD devices, helping them to deliver real-time information and advice to clients.
- Wealth advisers can use their devices to track client information and offer personalized recommendations.
Focus on security
Of course, the benefits of BYOD to financial services enterprises don’t come without risk. The vast amounts of sensitive personal information and financial information — such as Social Security numbers, client net worth and investment portfolios — handled by financial services firms are a unique and tempting target for cybercriminals. To counter the threats posed by mobile malware, data theft and data leakage, financial services firms must take extra precautions. The following are some BYOD policy measures financial organizations should take:
- BYOD policy must be fully formed before procuring tech support
Financial services companies must decide which devices and platforms to support, which employees should use BYOD devices for their jobs, which security measures should be deployed and which network services a BYOD device can access.
- Devices accessing corporate resources must be clearly identified
This should be done even before developing a BYOD policy in order to give enterprise IT a realistic starting point for creating that policy.
- Enrollment of their devices by employees should be easy
The simpler it is for financial services employees to enroll their personal devices with enterprise IT, the more likely it is that they will comply with the BYOD policy.
- Personal data on a BYOD device should be separate from enterprise data
Financial services employees using their own devices for work will have sensitive enterprise and client data on their devices along with personal information and data such as pictures and videos. Partitioning enterprise data from personal employee data allows IT to safely erase enterprise data from the devices of departing employees or those whose devices have been lost or stolen.
- Devices should be monitored continuously for noncompliance
Neglect can have serious consequences in the financial services sector. BYOD users who don’t keep their devices compliant with enterprise BYOD policies are a security vulnerability.
As BYOD policies continue to gain in popularity in the financial services industry, organizations that plan ahead with regard to security will find their policies to be much more effective.