Mitigating Risks to Toy Businesses Caused by Mobile and Handheld Devices

November 30, 2013 | While most businesses focus on desktop security and the prevention of data loss over web and email channels, mobile devices require just as much attention, according to Benjamin Thrush, vice president of business development at HUB International Northeast, the official insurance broker of the Toy Industry Association (TIA).

“Tablets and iOS devices are replacing corporate laptops, as employees bring their own devices to work and access corporate information,” said Thrush. “These devices increase the potential for a breach of sensitive data and product designs.”

Lost or stolen devices, mobile malware, and web-based threats (including phishing scams and downloads that occur by visiting malicious websites or via a vulnerable flash player, PDF reader or image viewer) are the biggest concerns that organizations face when it comes to handheld and mobile devices.  Toy designs and production or marketing plans are all at risk should a device fall into the wrong hands.

According to Thrush, only about 30% of companies in the U.S. have mobile device usage policies for their employees. “Businesses that have not already done so should create specific employee guidelines regarding mobile devices for both business and personal use,” said Thrush.

Step 1: Educate Employees
Creating an appropriate policy involves identifying risks, describing how mobile devices connect to the corporate network, detailing the type of company data that can be stored on a device, listing tips on protecting devices, and providing instructions on how to report a lost or stolen mobile device so that it may be remotely disabled.

Businesses should also ensure that employees who use mobile devices to access the Internet follow the same protocols as when they are using a computer, primarily by avoiding untrustworthy applications that could contain malicious software.

Step 2: Secure Networks and Obtain Insurance
Businesses must also ensure that their networks are secure by implementing data encryption, strengthening passwords, and protecting access from unauthorized individuals.

Finally, companies are encouraged to obtain proper insurance that provides coverage for a data breach caused by a lost mobile device or by syncing a company’s mobile device to an employee’s personal computer. Existing cyber insurance policies should be reviewed to ensure that they include specific coverage for the use of mobile devices.

“Proactively identifying potential mobile device exposures and implementing the necessary security controls and enforceable policies will allow your toy business to mitigate risk,” added Thrush.

TIA members who have questions or would like a free analysis of their current insurance policies may contact Benjamin Thrush (benjamin.thrush@hubinternational.com / 212.338.2260). Additional information on HUB Northeast’s insurance offerings to the toy industry is available online at www.hub-tia.com.