Do you or any of your employees bank using an iOS- or Android-powered phone? Are you a financial institution that allows the use of personal devices? Credit Union Times writes a fairly damning article with regard to the state of security on mobile devices when it comes to mobile banking and financial institutions. Scott Ksander, VP of IT at the Purdue Federal Credit Union is quoted as saying, “My impression is that we are all getting better at what we do … unfortunately, that goes for both the good guys and the bad guys.”
We know that mobile devices today are fast approaching the number one targeted element in one’s personal life by criminals looking to perpetrate either identity theft, financial theft or defraud organizations in some way. The rapid influx of personal mobile devices into organizations, coupled with the younger generation of worker having never experienced life without mobile devices, has created a mobile culture that has a startling lack of sense about security.
With most financial institutions having no method to enforce even the most basic level of security discipline across their employees’ mobile devices, it is only a matter of time before someone loses an iPad, iPhone or Android device (that’s outside the reach of Activesync or BES) that happens to have information on it that can severely damage a company intellectually or financially. With more and more financial institutions moving to a BYOD model without also implementing mobile device controls, this becomes more and more of a risk every day.
