Blackberry's new phone, dubbed the "Classic," includes the company's signature push-button keyboard and trackpad along with some sleek, new security under the hood. According to ZDNet, Blackberry is hoping businesses and government contractors who need a security-focused phone will be willing to sacrifice some customization for its more secure platform.
The struggling company's renewed focus on security highlights that cyber liability exposure will continue to be a big deal in 2015 and beyond. After hearing about data breaches in the news, many clients will have serious concerns about their data and mobile security. IT pros working with small businesses should…
- Be able to speak to the relative advantages of choosing variously secured mobile devices for work purposes.
- Understand mobile security extends beyond the need to stay current.
- Manage their professional liabilities.
As an IT professional, you can be sued when client data is exposed. Whether it's a cyber attack, accidental disclosure, or data leak caused by malfunctioning software, a security breach could lead to an expensive lawsuit against your company.
Understanding Mobile Security Risks for Small Business Clients
The issues facing Blackberry may not seem directly relevant to an IT contractor, but they are. Generally speaking, the smartphone platform is more than a little flawed. Inherent security risks – such as third-party apps, theft, and open Wi-Fi connections – can threaten your clients' data.
Blackberry is able to get government contracts because these organizations are willing to sacrifice customization and function in order to get more security. Blackberry phones have a reputation for being primarily email and calendar devices. The platform is stripped down to prioritize security, and new hardware in the devices is integrated to enable robust email encryption (Blackberry purchased a German encryption company and is now using their chips).
While that's great for Blackberry, the reality is that your clients probably won't want a smartphone that lacks apps. Unless you work with security-obsessed clients, you're probably providing IT for iPhones and Android devices. You're also likely working for clients who allow employees to use their own devices at work (aka a Bring-Your-Own-Device workplace). That's the typical small-business office. And it's fraught with risk.
Covering Your Professional Liabilities as an IT Consultant
Data security risks are an inescapable part of your job, so you'll need to limit your risk and have a contingency plan ready in case your clients suffer a data breach.
You'll need to approach data security risks from two angles:
- For your clients. Security audits, data breach response plans, and other measures are important, but clients also need something to protect them from the cost of a data breach. Many businesses have Cyber Liability Insurance (also called Data Breach Insurance), which pays for the cost of responding to a breach. If your clients store customer information, health records, or transactional data, Data Breach Insurance can provide them with financial security. If they're hacked, their insurance can pay for breach response, crisis management, and forensic investigations.
- For your business's risks. Because IT consultants can be sued after a client's data breach, many carry Errors and Omissions Insurance (sometimes called Professional Liability Insurance). Technology E&O Insurance pays for your business's legal fees and other costs related to a lawsuit. For instance, if your client sues you over their data breach, your insurer can pay for the damages.
For free quotes on Cyber Liability Insurance, Professional Liability Insurance, and other technology insurance policies, use TechInsurance's online insurance application.