As flexible work options continue to grow, more and more Canadians are using smartphones to loop in with teams, connect with customers and keep projects moving forward while on the road. Work-life balance is on the mend, productivity is on the rise and both employees and employers love the emerging trend.

As you may recall, a few weeks ago, TELUS partnered with Harris Decima to conduct a survey exploring attitudes and opinions regarding flexible work.

Key findings from the survey

• 47% of respondents work remotely at least a few times a month.
• 46% of workplaces currently offer a flexible working program.
• 89% of employees agreed that allowing for flexible work makes a company more attractive to work for.
• The majority of respondents say they are just as productive (48%) or  more productive (39%) when working outside the office.

As illustrated by the survey results, the benefits of mobile working are clear – elevated morale and job satisfaction, improved productivity and lower emissions. However, in order to fully enjoy the benefits, companies need to practice due diligence to safeguard themselves against the risks.  One of the most common risks when dealing with mobile teams is smartphone data security.

Below is an overview of 10 of the most common smartphone security risks and tips for dealing with them (via ComputerWorld.com):

1. No configuration management plan. 

Tip: Responsibility for managing smartphones should be given to the same staffers who provision and manage PCs.

2. No power-on password, or a weak password policy. 

Tip: Several vendors' device management consoles allow you to configure password complexity rules and password reset questions and answers.

3. No inactivity timeout/auto-lock. 

Tip: Timeout policies should be enforced over the air through your device management console, so that the enterprise can maintain near-real-time control.

4. No auto-destruct/data-wiping plans. 

Tip: Two methods should be used: over-the-air commands and locally initiated wipes. The latter should occur after a password has been entered incorrectly a certain number of times or when a device has been off the network for a predefined amount of time.

5. No memory encryption rules. 

Tip: Major enterprise smartphone operating systems provide settings for enforcing encryption.

6. No master plan for backup and synchronization. 

Tip: Use a secure, over-the-air backup-and-restore tool that performs periodic background synchronization.

7. No e-mail-forwarding barriers.

Tip: Forwarding of e-mail and attachments can be regulated with server-side settings of a corporate e-mail system, and additional filtering is available through commercial data loss prevention filters.

8. No application certification rules. 

Tip: Private keys can be used to restrict which applications are allowed to install or execute.

9. No default browser permission rules. 

Tip: Choose browser default settings that comply with company policy when phones are provisioned, to avoid providing an entry point for malicious code.

10. No plan for dealing with smartphone diversity. 

Tip: Set a policy that defines what levels of support different devices will receive. Assign smartphone support to a single IT group.

What do you think? Do the benefits of mobile working outweigh the costs?  Have you ever encountered a smartphone security breach?  If so, we’d love to hear about some of your key learnings.