The world is going mobile. Gartner forecasts that tablets such as the iPad, which are revolutionizing the way we consume our information, will reach 1 billion users by 2015. Smartphones will reach more than 2.5 billion. So what does this mean for the banking industry?
On one hand, this means it is now easier for everyone to quickly access information from anywhere. This applies to bank customers accessing statements and mortgage documents, as well as bank employees, executives and board members accessing customer data, credit information, financials and more. Many innovative services can be delivered on these new platforms, and we see more applications being released every day.
On the other hand, iPads, iPhones and other mobile devices introduce new threats and regulatory issues. When adding mobile devices into the mix, banks face a threat that is even more serious: mobile devices are more easily lost or stolen, they can be used anywhere, and they don’t have many of the security technologies used on PCs.
So what do banks need to ask themselves?
- What will happen to confidential and personal customer documents if a mobile device is lost or stolen? Many different types of sensitive documents are stored on notebooks, tablets and smartphones. When working outside the office or visiting clients, bank employees may download documents to a mobile device to have on hand as a reference. It is therefore crucial for bank IT teams to be able to remotely control such documents, especially if a device is lost or it is stolen.
- What will happen to sensitive documents when an employee leaves the company? The vast majority of documents are consumed without applying any protection to them. Consequently, an employee could potentially copy, print or otherwise remove such documents and keep them even after he or she is no longer with the bank. This is why banks must be able to control and track the whereabouts of their documents and be able to destroy them wherever they are, on any device.
- Can employees leak sensitive information to unauthorized parties? In the vast majority of cases, information gets into the wrong hands inadvertently -- a statement is sent to the wrong e-mail address or an internal document is posted somewhere public or placed into a personal service such as Dropbox. Some insiders may also have darker motives. Either way, document distribution must be controlled. Insiders should not be able to forward documents freely, or copy or print them; an audit trail must be maintained for security and compliance.
Banks have a lot of security in place, no doubt. But new technologies and new requirements may render some of that security obsolete. With the explosion of mobile device usage, the risk of confidential information leakage has grown dramatically. Recent incidents, such as the memo leak from Bank of America in 2011, demonstrate how easy it is for documents to fall into the wrong hands, generating massive loss in value, management distraction and significant reputation damage. However, this does not mean that banks should be excluded from the many benefits mobile technologies offer.
A new generation of products puts in place persistent controls around any document sent inside or outside the organization, providing data-centric security. These technologies restrict document distribution by controlling how files are downloaded, copied, printed or forwarded. Such technologies allow secure access to confidential documents via mobile devices, such as iPad, iPhone, BlackBerry and Android, making it possible to track documents’ whereabouts at all times and, if necessary, destroy them remotely – even after they have been downloaded.
For example, a global bank based in Europe is using a document security solution to deliver board packets and other highly sensitive documents to top executives and board members' personal iPads, allowing stakeholders to easily search the documents as well as make and share secure annotations. This solution also allows wealth management advisors to access confidential documents from tablets when visiting clients, eliminating the need to print and carry stacks of financial records. This practice allows the bank, its employees and board members to securely leverage today’s mobile technology while reducing the bank’s paper waste and shipping costs.
Banks no longer need to fear the mobile revolution. With the right security tools in place, financial organizations can use mobile technology to streamline business practices, reduce costs and go paperless.
Ryan Kalember is chief product officer at WatchDox, a provider of document control, tracking and protection solutions.