To understand why it’s so challenging for financial services firms to develop a mobile strategy, look no further than the alphabet soup of laws they have to comply with in the U.S,: HIPAA, SOX, SEC, GLB, the Dodd-Frank Act and more. For those doing business abroad, compliance laws include the FCA, FSA and MiFID II, to name just a few agencies.
These laws create challenges by extending requirements that were fairly straightforward in the wired world to the mobile domain, where they translate into newer complexities for firms. For example, it’s one thing to secure a desktop PC, which is static, and quite another to be able to remotely erase business data on a lost or stolen tablet or smartphone.
Those challenges grow exponentially when banks, brokerages and other financial services firms allow employees to use their personal smartphone, tablet or wearable for work. Financial services firms were among the first types of organizations to implement bring-your-own-device (BYOD) policies. Today, 74 percent of the businesses in a Tech Pro Research survey either had a BYOD policy or planned to implement one this year.
BYOD creates another layer of challenges simply because people regard their smart devices as highly personal, a perception that affects everything from regulatory compliance to security and employee trust. For example, financial services firms could use mobile device management (MDM) and enterprise mobility management (EMM) platforms that remotely erase all data on stolen or lost employee-owned devices. But, this heavy-handed approach worries employees because businesses have complete access to their personal voice and text messages as well as contact list information creating an invasion of privacy. Plus, they fear that their personal photos, messages and other data could be lost if their phones need to be wiped in the event that they are compromised, lost or stolen. Employees have also been very much against their personal communication being archived with corporate information.
However, financial services firms shouldn’t let these challenges prevent them from achieving BYOD bottom-line and competitive benefits—and there are lots of them. One example is greater responsiveness to colleagues and customers, without the enterprise incurring upfront costs of buying smart devices for employees. Another BYOD benefit is satisfied clients who will appreciate that brokers can respond immediately to them, instead of hours later when a change in markets has eliminated a buying or selling opportunity.
Granted, it’s possible to achieve many of those benefits by purchasing smartphones and tablets for employees. But employees have embraced and prefer the BYOD mobile strategy because they have an affinity for their personal device. It’s truly an extension of their lives—both personal and professional. The more you can integrate—and secure—those two mobile personas, the better for the enterprise, employees and customers.
In a recent case study published by Good Technology1, multinational insurance company RSA Insurance Group determined that a BYOD strategy was the best way to increase productivity by allowing employees to work with their device of choice. To help ensure a successful BYOD implementation, RSA Insurance Group selected Good Enterprise Suite, which includes Good for Enterprise® for corporate email, calendar, and contacts; Good Share™ for file sharing; and Good Access™ for intranet access.
“The Good solution was the easiest to use as well as the easiest to deploy, which made both our users and technical team very happy,” says Jorge Martillo, Regional Infrastructure Manager for Latin America RSA Insurance Group.
He goes on to say that employees appreciate the BYOD environment. RSA Insurance Group employees who receive a company-owned iOS or Android device for work are also allowed to use it for personal apps. Instead of two phones, they have just one. “That puts a smile on their face,” said Martillo.
The Dual Persona Touch
To balance employee concerns with business and regulatory realities, financial services firms should take a “dual persona” approach to BYOD by clearly separating work and personal calls, text messages, emails and other usage. Through the use of a separate Mobile Business Number assigned to employee-owned phone, all business communication can be stored in a separate location on the device, allowing businesses to only have access to work-related data and not the employee’s personal data. This ultimately gives employees the freedom to have secure on-the-go business communications without compromising their personal information and allows the business to secure and maintain sensitive business data.
Typically, dual persona technology is enabled through the use of mobile apps. Secure, mobile, enterprise-level apps enable organizations to apply policies and controls only to the work persona on an employee-owned device. Examples of policies for a brokerage include recording and archiving calls related to financial transactions to meet regulatory compliance. The ability to have a business-only number enables organizations to track and archive work-related communications, meeting compliance and industry regulation concerning the use of mobile devices in the workplace.
Although BYOD’s business case centers around data services, don’t overlook the importance of voice, including phone numbers and business contacts. Suppose a broker leaves for another firm. His or her mobile number was the first number that clients called when they had a question, and now those calls will follow them to the new firm. That sets the stage for those clients to switch brokerages.
That’s why it’s important to look for mobile solutions that can assign a second, business-only number to an employee-owned smartphone. When that employee leaves, that business number stays with the organization that issued it. This helps drive client retention and business continuity for the enterprise.
Arm your Mobile Workforce
Today’s tech-savvy workforce craves greater flexibility and technological agility, making it imperative that industry leaders integrate a mobile strategy into the business tools offered to employees.
If you're doing nothing about BYODs, recognize that your employees could still be using their personal devices. Don’t let your on-the-go workforce define your organization’s mobile strategy. Be proactive and learn about all of the business tools and apps that can make it easier for you to partner with your employees to deploy a secure BYOD policy that keeps business and personal communications completely separate.
1Insurer Embraces BYOD While Meeting Strict Industry Security Requirements, case study by Good Technology, 2015 https://media.good.com/documents/cs-rsa-insurance.pdf