1Companies Must Step Up Mobile GDPR Compliance Efforts, Lookout Finds
The European Union on May 25, 2018, will begin enforcing its General Data Protection Regulation (GDPR), a stringent set of data protection and privacy rules with which organizations will need to comply. Those rules apply equally to all forms of digital data, whether that data is in the cloud, on a desktop on in a mobile device. “Finding GDRP Noncompliance in a Mobile First World,” a new report by mobile security firm Lookout, found that organizations have been overlooking mobile when considering their GDPR compliance efforts. In fact, the study, which included responses from 2,062 IT professionals, found that 84 percent of U.S. security and IT executives believe that personal data accessed on employees’ mobile devices could put their company at risk for GDPR noncompliance. In this slide show, eWEEK looks at some of the highlights of the Lookout report.
2GDPR Will Impact U.S. Companies
Although GDPR is a European Union initiative, it will impact U.S. organizations that do business in the EU. According to Lookout’s research, 73 percent of security and IT executives who reported they have employees, customers or partners based in the EU believe they will be impacted by GDPR regulations.
3Mobile Data Is a GDPR Compliance Risk
4Enterprise Apps Are Widely Used on Mobile Devices
5Mobile Users Engage in Risky Behavior
6Mobile Devices Are Often Hacked
Thirty-two percent of employees who hold the position of vice president and above admitted that their mobile devices have at some point been hacked or compromised. Since personal data is located on mobile devices, organizations must secure their mobile endpoints to address GDPR requirements, Lookout emphasized.
7Personal and Work Data Overlap
The potential for privacy leakage is further compounded on mobile devices, since many users have both personal and work data on the same device. According to the survey, over 70 percent of U.S. employees reported that they use the same phone for personal and work purposes. In addition, 81 percent of U.S. security and IT executives said their employees are approved to install personal apps on work-approved devices.
8Gain Control of Corporate Data on Mobile Devices
Given the fact that personal and corporate data often are both present on a mobile device, Lookout recommends that organizations have a robust mobile management platform in place in order to be compliant with GDPR. Lookout also suggests that organizations have the tools in place to be able to take immediate action to mitigate risks to corporate data on mobile devices.