Digital devices turn up the heat on corporate risk managers

  • Article by: DAVID PHELPS , Star Tribune
  • Updated: October 19, 2013 - 12:12 PM

Employees with digital devices can become the targets of hackers and thieves. Risk managers are feeling that heat.


One of Christopher Jeffrey’s specialties these days is advising clients on how to protect confidential information that employees carry on mobile devices.

Photo: David Joles, Star Tribune

CameraStar Tribune photo galleries

Cameraview larger

More and more, people are walking sources of data, some trivial, some highly confidential. It’s in their iPhones or their laptops or the tablets they carry from home or from work.

In recent years, a Minnesota hospital and a nonprofit in the health field separately had laptops stolen that contained patient information, including Social Security numbers. A department store had credit card information stolen.

Protecting that data is a new cottage industry.

Christopher Jeffrey is a partner in the Minneapolis office of the accounting and advisory firm of Baker Tilly who works with corporate clients in reducing the potential for data breaches. Jeffrey and Washington, D.C.-based Baker Tilly senior manager Mike Cullen last week talked to the Star Tribune about the security challenges in this data-driven world.


Q: How would you describe the level of interest in mobile device security these days?

Jeffrey: It’s a conversation that I’m having with most of my clients right now. I currently have three to four projects involving the mobile device issue. This is an issue that is hitting the audit committee and senior management levels of my clients. Look at workers — everyone is carrying an iPhone or an iPad or a laptop. Many carry two or three of those devices and more and more security is something that companies have to deal with.

Cullen: There’s a recognition now by companies that data has a real value for consumers, for competitors.


Q: How long has this issue been percolating?

Jeffrey: It’s something that started coming up in the last couple of years but in the last eight to 12 months corporate boards and senior management have realized that there is a risk here that they need to be concerned with.


Q: How do you address those risks?

Jeffrey: It starts with good internal policies and procedures. People are bringing their own devices to the workplace and you need to know how that phone, for instance, interacts with your IT system. You need a procedure to manage each employee’s devices that allows the company to wipe data from a phone if it is lost or stolen or shut the port.

We have an app called Airwatch for an iPhone. Data is never actually in the phone. It’s like accessing a website. It allows me to view data instead of storing it. The IT department can shut the app off if need be.

Cullen: The number of devices per person has exploded. There’s literally a new iPhone every month, which leads to issues with security. Solutions like Airwatch allow us to manage different devices.


Q: Are there horror stories about data breaches?

  • get related content delivered to your inbox

  • manage my email subscriptions





Connect with twitterConnect with facebookConnect with Google+Connect with PinterestConnect with PinterestConnect with RssfeedConnect with email newsletters