Are your users giving away corporate data?
Director, Customer Marketing & Programs
In her article “Report: Holiday Upgrades Ripe for BYOD Privacy Risks,” Diana Goovaerts at WirelessWeek.com runs down a research study by Blanco Technology Group (BTG). The wireless week report highlights the reason companies should be concerned about corporate smartphone upgrade activity during the upcoming holiday season.
First, consider the volume of device upgrades. Of the BTG survey respondents, 68 percent were either planning on buying themselves, or someone else, a new smartphone. One third of wireless users would be trading the old device to the provider to get a discount during an upgrade. An additional 23 percent look to Amazon, eBay, or other online selling sites, to relieve themselves of their old phone, while 22 percent would just give the device to a friend or relative. Additionally, some companies allow corporate paid devices to be kept and disposed of by the employee after an upgrade or replacement. What’s the concern? Corporate data is stored on many of these personal devices, and all of the corporate paid devices.
“BTG said its analysis of 122 second-hand drives and mobile devices from eBay, Amazon, and Gazelle found that 57% of those devices had residual data on them despite previous deletion attempts,” according to Goovaerts. This means most people upgrading their devices will not take the steps necessary to fully-eliminate corporate data from the device before sending it on to the next owner.
It’s important for your BYOD and corporate liable users to know how to properly wipe a device when changing phones over the holidays (or any time). Given the types of data stored on these devices, sensitive data left on the device could create risk for an organization. Simple searches on the internet give general guidelines for eliminating private company data from a personal or corporate device. This CNET article lists ways to simply wipe your phone prior to selling it. Developing and deploying a corporate policy, or even just sending an FYI email via MobilityCentral, may help reduce the risk of distributing company data outside the organization.