ID Experts, a data breach prevention and remediation firm, talked with 13 experts and got 13 tips for managing mobile device threats:
* Install USB locks on computers and devices to prevent unauthorized uploads and downloads;
* Consider software that can track and locate a device or wipe (erase) its data;
* Consider “brick” software that disables a missing device;
* Encrypt;
* Train employees to shut down laptops rather than putting them in sleep mode, since sleep doesn’t activate encryption protection;
* Document in risk assessments the recognition that employees may use personal devices to handle PHI even if prohibited by policy, and reduce the risk, such as offering a secure alternative to texting;
* Don’t permit PHI access via mobile devices without strong technology safeguards;
* Educate employees on safeguarding their devices;
* Purchase cyber-liability insurance;
* Secure and check devices before disposal or donation;
* Have a proactive data management strategy such as token technology;
* Have clear and explicit user opt-in policy for collecting, storing or sharing data; and
* Conduct a thorough technical review and risk audit of new mobile technologies before implementation.
Details on each tip are
This story first appeared at