Title credit: Bob Dylan I remember a time (not very long ago) when making or receiving personal calls at work was strictly against company policy (unless there was a family emergency.) If I received a call during my shift, you could count on it being followed up with a quick "conversation" with my supervisor to let me know that it was unacceptable behavior (and that I should be sure to let the caller know.) When I visit businesses (of various types) today it is more often than not that the employee providing my service, supervisors or even managers will have their personal cell phone, tablet or other mobile device very near their workstation. I also find that many of the PCs in the workplace may have a USB Synch/Charge cable connected without the mobile device it is used with being present.
No matter your company's operational policy regarding employees having their mobile devices at work (especially if your policy allows such devices to be kept within "easy reach" during their shift;) owners, managers and employees need to be aware of the high level of risk that is created when this is allowed. As the majority of these devices can serve as a "USB drive" in addition to their primary function; connecting them to a workstation on your network results in a non-compliant status with PCI-DSS and HIPAA requirements. You are essentially allowing a non-approved data storage drive to be connected directly to your secure network. This practice represents one of the simpler ways a company may experience an internal data breach. It may also result in Malware or other undesirable infections of your network. We strongly recommend avoiding any and all policies allowing staff to bring their personal mobile devices into the workplace. We encourage companies to avoid allowing personal mobile devices of any kind to be kept any where near workstations or servers which may lead to them being connected via USB to your network. If your policies regarding mobile devices are more "flexible", we suggest the following considerations when establishing them:
Edward Kopp - PCIP / Partner / Phoenix Dental IT, L.L.C.
0 Comments
Leave a Reply. |
Phoenix Dental ITProviding expert technical support to Dental Practices in the Phoenix Metropolitan Area Archives
April 2017
|