Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Safeguard data with training and remote device wipe capabilities

In this #GRCchat recap, learn why remote device wipe is a good option for IT departments looking to safeguard data -- both corporate and personal.

How can executives feel at ease when confidential corporate data is at stake? When it comes to mobile technology's influence on business, one thing is clear: Security policies are required.

During SearchCompliance's February tweet jam, participants were asked, "What information management practices must be included in a mobile device policy to assure proper data security and to prevent breaches?"

Our participants called for remote wipe control on mobile devices housing corporate information:

Wiping a corporate device clean is one thing, but how much leeway do executives have with personal devices that employees have brought into the enterprise themselves? For tablets, smartphones and wearables that can't be cleared remotely, IT security teams need backup:

These access limits and restrictions are critical in this day and age, especially with the increased use of mobile technology by corporate employees and the rising incidences of device theft and loss. One tweet jammer shed light on this -- apparently very common -- issue:

Given the inevitability of human error, SearchCompliance asked #GRCchat participants:

Tweet jammers didn't argue: Human error plays a huge role in effective data protection, so frequent training is necessary:

SearchCompliance Site Editor Ben Cole suggested that IT organizations give their employees constant reminders of their role in corporate data confidentiality. From there, participants tacked on more suggestions, such as constant evaluation of employees' policy knowledge and the creation of applications specifically for training purposes:

But wait: Do employees actually pay attention to this kind of training?

According to #GRCchat-ters, training must be short, engaging, memorable and take place often -- especially since it seems employees don't really consider their mobile privacy as much as their IT staff do. We asked our followers, "How should companies address employee privacy when conducting data governance of mobile device information?" Their thoughts:

More #GRCchat recaps

Mobile data access points complicate protection strategies

Craft an info governance structure

Who is responsible for GRC?

Other tips offered by tweet jammers for addressing employee privacy during mobile device data governance operations: being open, being transparent and treating employee data like corporate data. Are there other ways to make sure employees are invested in information security -- whether they're protecting their own personal data or corporate information? Please add your advice in the comments section below.

To read the entire conversation from this #GRCchat, search the discussion hashtag on Twitter. Join our next SearchCompliance tweet jam scheduled for Thursday, March 27 at 12 p.m. EST (topic TBA).

Dig Deeper on Managing governance and compliance

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

How do IT organizations get employees invested in information security?
Looks like a great conversation! When's the next one?
Next one is scheduled for Thursday, March 27 at 12 p.m. EST. Topic will be announced mid-March!