AT WORK
THE
SMART WAY TO MANAGE
SMARTPHONES
AT WORK
24
ACAINTERNATIONAL.ORG
Without clear policies and procedures in place, employees’ mobile devices can pose serious legal risks to your business. By Anne Rosso May
J
ust as collection agencies grapple with challenges presented by consumers who are only reachable by their cell phones, so too must they deal with how to handle staff members who bring their personal smartphones to work and expect to use them there. Employees who expect a call from their children when they return home from school or who need to make appointments during normal business hours may have valid reasons for using their cell phone at work, especially if company policies prohibit personal use of the office landline phones. However, there are also frivolous reasons employees may want to keep their smartphones on them at work—they probably enjoy texting with their friends, playing games or checking in with their social media accounts. Smart technology presents a huge risk for companies that handle sensitive consumer information. Employees with portable devices could easily text confidential information, take pictures of consumer files or even download data from their computers. The repercussions of these actions can cost companies thousands, if not millions, of dollars.
SMARTPHONES ON THE COLLECTION FLOOR? The research firm IDC predicts that by 2017, 328 million workers around the world will bring their smartphones to work each day. Collection agencies should develop clear policies and procedures governing if, where and when employees can have their smartphones and other portable devices at work. To start, spell out guidelines for smartphone use during work hours in your employee handbook. For example, your policies should restrict or prevent collectors from bringing smartphones or mobile devices onto the collection floor or any place with sensitive consumer information. At Grimley Financial in Haddonfield, N.J., employees are not allowed to have portable devices on the collection floor. They may use them in the lunchroom and conference room, but are required to put their devices somewhere secure—most often, their car—before they walk back out on the floor.
COLLECTOR 08.15
“Employees with portable devices could easily text confidential information, take pictures of consumer files or even download data from their computers. The repercussions of these actions can cost companies thousands, if not millions, of dollars.”
25
Search. Point. Done. Introducing ACA SearchPoint A new way to access critical compliance guidance From healthcare reform to consumer lending, the regulatory environment is shifting quickly and changing all of the time. You need one resource and one location where you can gain quick access to critical compliance guidance. That resource? ACA SearchPoint. ACA’s FastFax is now ACA SearchPoint, a “2.0” version of the online service that has been re-thought to provide you with quick and easy access to the answers you need to stay in compliance with a range of state and federal regulations and reforms.
ACA SearchPoint features: A streamlined design that makes it even easier to access information Updated content on important topics from consumer protection to credit reporting Keyword tags that allow you to filter ACA SearchPoint’s robust database of compliance topics Multi-click functionality that lets you further narrow your search Quick Search: By entering document numbers in the search bar, you jump immediately to what you need
ACA SearchPoint is: Mobile: Goes where you are: Access ACA SearchPoint on your laptop, tablet, or phone Accessible: Easily save or print the documents you need Relevant: Documents are instantly updated when new information is available Exclusive: This free service is available only to ACA members
Check out ACA SearchPoint today and watch a short demo! Log in to your My ACA account and visit acainternational.org/searchpoint
ACA SearchPoint: One search of the site. One point and click of the mouse.
Search. Point. Done.
ACAINTERNATIONAL.ORG
KEYNOTES “Company-provided smartphones should be hardened for security, and companies may want to prohibit staff from downloading certain apps or software onto the phones.”
“Every once in a great while I will hear a ring from the floor, and I will go running down to find the person with the smartphone,” said Scott Brownlee, vice president and chief compliance officer for Grimley Financial. “Most of the time the person has just forgotten to put it away, but if that person ‘forgets’ for a third or fourth time, we’re going to part company because it’s that important. Today’s smartphones and MP3 players are actually substantial, portable hard drives. I’ve had to let two people go for refusing to abide by our device policy.” Some companies even provide lockers specifically for employee smartphone storage. Make sure any staff members excluded from your general mobile device policies—board members or salespeople, for example—follow the smartphone polices you have in place that do apply to them. Recently, one of First Collection Services’ vendors hired an independent third-party to inspect the collection agency’s security systems and technology. The auditor asked to take pictures of some of the company’s hardware for her files, but William “Chris” Dunkum, president of First Collection Services in Mabelvale, Ark., refused. “She was there for security, but our data security policy applies to everyone—nobody is taking pictures in that area of the building, no matter what,” he said.
MANAGING COMPANY-PROVIDED SMARTPHONES If you provide smartphones to staff members, set well-defined expectations for how employees may use those devices. For example, company-provided smartphones should be hardened for security, and companies may want to prohibit staff from downloading certain apps or software onto the phones. Discourage employees from using unknown public networks. Encryption on mobile devices is essential, considering how easy it is to forget a phone in a cab or restaurant. Make sure employees with company phones use strong passwords to keep data on the phone safe. Use a remote locate service to track lost devices and automatically wipe them of all data if necessary. Your policies should also spell out what the company will do with the phone’s data at the end of the person’s term of employment.
SECURING YOUR WIRELESS NETWORK Wireless connectivity is another major concern in the workplace. Look at if or how employees connect to your company’s wireless network, and whether the network is secure. At minimum, make sure your network is password-protected. Companies should also examine other ways hackers could gain unauthorized access to your wireless network. If they did, would they be able to crack into any confidential data? How can you prevent that? The first steps: turn on your wireless router’s encryption setting and use a strong network key. Smartphones and mobile devices will continue to present both risk management and distraction challenges in the workplace. As technology evolves, make sure your company’s policies and procedures evolve as well, addressing current technology trends and related risks at all costs. Anne Rosso May is editor of Collector.
COLLECTOR 08.15
1
Be mindful of portable devices on the collection floor. Most collection agencies have policies in place to ban smartphones and portable storage devices from the collection floor as well as other sensitive areas, such as the server room.
2
Consider how employees’ mobile devices are gaining wireless access at work. Can somebody hop onto your wireless network and read internal data? 27
SMART WAY TO MANAGE
SMARTPHONES
AT WORK
24
ACAINTERNATIONAL.ORG
Without clear policies and procedures in place, employees’ mobile devices can pose serious legal risks to your business. By Anne Rosso May
J
ust as collection agencies grapple with challenges presented by consumers who are only reachable by their cell phones, so too must they deal with how to handle staff members who bring their personal smartphones to work and expect to use them there. Employees who expect a call from their children when they return home from school or who need to make appointments during normal business hours may have valid reasons for using their cell phone at work, especially if company policies prohibit personal use of the office landline phones. However, there are also frivolous reasons employees may want to keep their smartphones on them at work—they probably enjoy texting with their friends, playing games or checking in with their social media accounts. Smart technology presents a huge risk for companies that handle sensitive consumer information. Employees with portable devices could easily text confidential information, take pictures of consumer files or even download data from their computers. The repercussions of these actions can cost companies thousands, if not millions, of dollars.
SMARTPHONES ON THE COLLECTION FLOOR? The research firm IDC predicts that by 2017, 328 million workers around the world will bring their smartphones to work each day. Collection agencies should develop clear policies and procedures governing if, where and when employees can have their smartphones and other portable devices at work. To start, spell out guidelines for smartphone use during work hours in your employee handbook. For example, your policies should restrict or prevent collectors from bringing smartphones or mobile devices onto the collection floor or any place with sensitive consumer information. At Grimley Financial in Haddonfield, N.J., employees are not allowed to have portable devices on the collection floor. They may use them in the lunchroom and conference room, but are required to put their devices somewhere secure—most often, their car—before they walk back out on the floor.
COLLECTOR 08.15
“Employees with portable devices could easily text confidential information, take pictures of consumer files or even download data from their computers. The repercussions of these actions can cost companies thousands, if not millions, of dollars.”
25
Search. Point. Done. Introducing ACA SearchPoint A new way to access critical compliance guidance From healthcare reform to consumer lending, the regulatory environment is shifting quickly and changing all of the time. You need one resource and one location where you can gain quick access to critical compliance guidance. That resource? ACA SearchPoint. ACA’s FastFax is now ACA SearchPoint, a “2.0” version of the online service that has been re-thought to provide you with quick and easy access to the answers you need to stay in compliance with a range of state and federal regulations and reforms.
ACA SearchPoint features: A streamlined design that makes it even easier to access information Updated content on important topics from consumer protection to credit reporting Keyword tags that allow you to filter ACA SearchPoint’s robust database of compliance topics Multi-click functionality that lets you further narrow your search Quick Search: By entering document numbers in the search bar, you jump immediately to what you need
ACA SearchPoint is: Mobile: Goes where you are: Access ACA SearchPoint on your laptop, tablet, or phone Accessible: Easily save or print the documents you need Relevant: Documents are instantly updated when new information is available Exclusive: This free service is available only to ACA members
Check out ACA SearchPoint today and watch a short demo! Log in to your My ACA account and visit acainternational.org/searchpoint
ACA SearchPoint: One search of the site. One point and click of the mouse.
Search. Point. Done.
ACAINTERNATIONAL.ORG
KEYNOTES “Company-provided smartphones should be hardened for security, and companies may want to prohibit staff from downloading certain apps or software onto the phones.”
“Every once in a great while I will hear a ring from the floor, and I will go running down to find the person with the smartphone,” said Scott Brownlee, vice president and chief compliance officer for Grimley Financial. “Most of the time the person has just forgotten to put it away, but if that person ‘forgets’ for a third or fourth time, we’re going to part company because it’s that important. Today’s smartphones and MP3 players are actually substantial, portable hard drives. I’ve had to let two people go for refusing to abide by our device policy.” Some companies even provide lockers specifically for employee smartphone storage. Make sure any staff members excluded from your general mobile device policies—board members or salespeople, for example—follow the smartphone polices you have in place that do apply to them. Recently, one of First Collection Services’ vendors hired an independent third-party to inspect the collection agency’s security systems and technology. The auditor asked to take pictures of some of the company’s hardware for her files, but William “Chris” Dunkum, president of First Collection Services in Mabelvale, Ark., refused. “She was there for security, but our data security policy applies to everyone—nobody is taking pictures in that area of the building, no matter what,” he said.
MANAGING COMPANY-PROVIDED SMARTPHONES If you provide smartphones to staff members, set well-defined expectations for how employees may use those devices. For example, company-provided smartphones should be hardened for security, and companies may want to prohibit staff from downloading certain apps or software onto the phones. Discourage employees from using unknown public networks. Encryption on mobile devices is essential, considering how easy it is to forget a phone in a cab or restaurant. Make sure employees with company phones use strong passwords to keep data on the phone safe. Use a remote locate service to track lost devices and automatically wipe them of all data if necessary. Your policies should also spell out what the company will do with the phone’s data at the end of the person’s term of employment.
SECURING YOUR WIRELESS NETWORK Wireless connectivity is another major concern in the workplace. Look at if or how employees connect to your company’s wireless network, and whether the network is secure. At minimum, make sure your network is password-protected. Companies should also examine other ways hackers could gain unauthorized access to your wireless network. If they did, would they be able to crack into any confidential data? How can you prevent that? The first steps: turn on your wireless router’s encryption setting and use a strong network key. Smartphones and mobile devices will continue to present both risk management and distraction challenges in the workplace. As technology evolves, make sure your company’s policies and procedures evolve as well, addressing current technology trends and related risks at all costs. Anne Rosso May is editor of Collector.
COLLECTOR 08.15
1
Be mindful of portable devices on the collection floor. Most collection agencies have policies in place to ban smartphones and portable storage devices from the collection floor as well as other sensitive areas, such as the server room.
2
Consider how employees’ mobile devices are gaining wireless access at work. Can somebody hop onto your wireless network and read internal data? 27
