White Paper

What you need to know about mobile security and GDPR

Apr 11. 2018

Mobile security and GDPR: what you need to know

Increasingly, employees use, store and access personal data across a number of devices including personal and work mobile phones. When the General Data Protection Regulation (GDPR) comes into effect on 25th May 2018, businesses will need to ensure that the data stored on its employees’ mobile phones is as secure as the information held on their own databases and servers. So, how can a business comply with GDPR and keep their customers’ data secure?

Minimise risk

45% of companies surveyed in 2017 have no formal policy for securing customer data (Source: CSS)

Wherever there is data there is risk which could mean a breach. Consequently, minimising this risk is vital. Before anything – before any complex technical considerations or applications are uploaded to a device – think about who needs access, and to what? If some apps aren’t going to be used, why install them if they might be linked to sensitive data? Mobile security starts with some basic housekeeping. Define user profiles, streamline the administration chain and minimise risk.

Secure the Device

54% of surveyed companies use some form of mobile device management (65% of established businesses, compared with 43% of start-ups) (Source: CSS)

The set-up of mobile devices can be complicated and there are clearly many points to consider: from the configuration of available connections (such as Wi-Fi, VPN, Bluetooth, NFC, GPS) and storage devices (SD cards) to camera/audio set up and managing application updates. Then there’s the critical importance of maintaining the operating system (this might sound daunting, but don’t panic). The overriding message is: secure the device to reduce the risk of data leakage.

Understand that people will be people

78% of people claim to be aware of the risks of unknown links in emails, yet click on these links anyway (Source: Vanson Bourne)

No matter what safeguards are put in place before handing a mobile to an employee, there is always a risk human error will compromise security. Phones will still get lost. People will login to unsecure Wi-Fi hotspots and may download content and apps from illegitimate sources.

How Samsung can help

In a post-GDPR world, losing sensitive information or allowing someone else to access it is a risk. But because we understand the challenges involved, we have a range of mobile solutions that can assist businesses of all sizes in their efforts to meet their GDPR security obligations.

To begin with, Samsung have developed data encryption that is built into both the software and hardware of our handsets. Business information can also be kept separate from a user’s personal information in a secure and encrypted folder. We use biometric passwords that bolster security and overlapping defence and security mechanisms that protect against intrusion, malware and other malicious threats. In short, our mobile solutions are here to help you remain in control.

Find out more about Samsung Knox solutions