Balancing Convenience and Compliance

Home > Tango Networks Blog Balancing Convenience and Compliance

46.jpg

 The rise of the mobile, digitized enterprise has brought about a host of benefits paired with a host of challenges.

 When digitizing assets like operational data, financial data, patient records and others, you are increasing employee access to information and enhancing their ability to get things done. But you also are changing the security profile of this information, and creating potential paths for data theft.

 When you expand access to enterprise systems to non-traditional devices in non-traditional locations – like an employee on a personal tablet in Starbucks – how do you ensure compliance with privacy regulations?

 And if you permit employees to use their personal phones to discuss sensitive matters with a client, like information that is subject to privacy or monitoring rules, how do you ensure compliance with communications recording and logging requirements?

 This last example is a chief consideration when you take your enterprise Mobile First.

 Mobility Front & Center

 Mobile First enterprises make mobile devices the centerpiece of employee communications. That naturally means data communications and applications traditionally used on desktop computers will change.

But it also has an impact on voice communications, an essential tool in almost every organization of any type. Going Mobile First in communications means making the mobile device the primary end-point for voice and other unified communications applications.

The best practice in enterprises adopting Mobile First policies is to strike a balance between the convenience of mobile communications and the compliance rules that govern which communications should be logged and archived.

Striking the Balance

The need to enforce policies in the mobile communications context becomes even more pressing in an organization that permits Bring Your Own Device. As detailed in TechTarget’s extensive writing on BYOD topics, there is a range of risks and rewards to consider, many of which are highly dependent on your organization’s specific industry and regulatory environment.

But to explore a use case, let’s consider a mobile financial services worker, such as a financial planner or broker.

The financial services firm our broker works for makes it mandatory that all communications with clients dealing with financial transactions are logged and recorded.

The most restrictive policy to comply with this mandate would be to deny the broker the right to use a mobile device of any sort for these communications. All communications with clients must take place with a designated desktop phone so that the IT department’s centralized call logging and recording devices can ensure compliance.

But this approach does not achieve a practical balance between convenience and compliance. If the broker complies with the rule, then his responsiveness, ability to meet with clients outside the office, and general reachability are severely curtailed. And everyone in IT at any company probably suspects that employees will use devices that are not necessarily authorized at various times. 

At the opposite extreme, an organization may permit the broker to use his own device for calls with clients, placing convenience and the need to get business done above the compliance rule. Obviously this puts the organization at grave risk of security and compliance violations and so is not an acceptable approach.

Both Convenient & Compliant

The right balance is to permit mobile device usage but put in place controls that enforce the same policies as on the desk phone.

That means logging and archiving calls as required, even when the calls take place on a personal device.

The Kinetic Communications Platform from Tango Networks was designed from the ground up to provide simple and effective policy compliance for users on mobile devices.

It includes the ability to:

  • Record enterprise voice & text communications on mobile devices, even BYOD, using your existing recording appliances.
  • Ensure compliance with regulatory and quality requirements, such as call monitoring and logging.
  • Deploy policy-driven communications to reduce risk, enforce safe practices, and meet organizational objectives, including prohibiting mobile calls when necessary for safety or compliance purposes. 

If you plan to attend this year’s Mobile World Congress, be sure to stop by our Pod #7UP.66 to check out the Kinetic Communications Platform

In the next blog post in this series, we will explore how a Mobile First strategy can align communications with enterprise application workflows for more efficient operations.

Download the latest Trend Advisor on Mobility for the Modern Enterprise.

Download

Tagged : security, enterprise, Mobile-First, mobility, compliance