Are Your Crew’s Mobile Devices Putting Your Construction Firm at Risk?

Have you harnessed the strategic advantages offered by mobile technology for your construction firm? Have you mitigated the potential risks of using personal devices for work? Mobile Device Management is an important undertaking in any industry, but especially in the construction sector.

Did you know that the number of smartphone users around the world is expected to reach 2.87 billion this year?

Of all the newer technologies, smartphones are likely having the greatest effect on the world. People are more connected, which can greatly benefit construction firms like yours. Enabling staff to use their own devices to manage and execute tasks on devices they’re familiar with can greatly boost productivity among your team – in some cases, up to 53%.

Having your staff use their own personal devices for work means that you don’t have to pay for the technology they’d be using otherwise. Depending on the size of your firm, that could mean potential savings of thousands of dollars that would have been necessary to pay for tablets and work phones.

However, doing so without a proper plan can come with risks…

  • Lost or stolen devices can do major damage to you, leading to compromised data and lost work.
  • Unsecured Wi-Fi hotspots and other vulnerabilities allow intruders inside your private network.
  • Mobile devices are becoming bigger targets for cybercriminals, who use malware and other methods to attack smartphones and tablets.

Do You Have A Mobile Device Management Policy?

This type of comprehensive policy dictates how your employees can use their personal devices for work purposes, dictating which security apps should be installed, and what best practices need to be followed.

An effective MDM policy should also instill safe and secure practices for employees that use personal devices for business purposes. Key points include:

Proper Conduct

Integrated into your internal network, these devices can be used to access, store, transmit, and receive business data.

You’ll need to have policies in place to regulate how employees use their devices to interact with sensitive data. Take the time to consider the risks associated with mobile device use, such as the potential for devices containing business data to be lost or stolen, infected with malware, or the potential for accidental disclosure of confidential information through sharing a device with a family member or connecting to an unsecured wireless network.

Identify And Address Risks

A risk analysis will help you identify vulnerabilities in your security infrastructure, and help you determine the safeguards, policies, and procedures you’ll need to have in place.

Whether the devices in question are personal devices or provided by your IT company, you will still need to have a clear idea of how they’re being used to communicate with your internal network and systems.

Assessments should be conducted periodically, especially after a new device is granted access, a device is lost or stolen, or a security breach is suspected.

Policy Development & Review

Policies that are designed for mobile devices will help you manage risks and vulnerabilities specific to these devices.

These policies should include processes for identifying all devices being used to access business data, routinely checking that all devices have the correct security and configuration settings in place, whether or not staff can use mobile devices to access internal systems, whether staff can take work devices home with them, and how you will go about deactivating or revoking the access of staff members who are no longer employed.

Prohibited Activity

Maintaining mobile security isn’t just about having the right apps – it means following the right protocols, to eliminate unknown variables and maintain security redundancies:

    1. Review installed apps and remove any unused ones on a regular basis.
    2. Review app permissions when installing and when updates are made.
    3. Enable Auto Update, so that identified security risks are eliminated as quickly as possible.
    4. Keep data backed up to the cloud or a secondary device (or both).

Staff Expectations

Everyone on your staff should be educated on how best to use mobile devices to avoid costly security errors. Your safeguards can’t protect you or your clients if your staff doesn’t understand your policies and procedures, and lacks a basic grasp of security best practices.

Your entire team should be taught how to secure their devices, how to protect business data, what the risks are, and how to avoid common security mistakes.