Misconception 2: Personal Data in Mobile Access

Personal Data Misconceptions in Mobile Access​

In our last article, we talked about how mobile access control (using your smartphone to open doors) is better than traditional methods and how to restore access if your smartphone is lost or stolen. In this article, we will discuss how companies make sure mobile access apps on smartphones are secure while also protecting the owner’s personal information.
Before we start, here are some main points from the last article:
  • Smartphones are a popular choice for secure access control because they can replace keys and RFID credentials.
  • Mobile access is easy to adjust and cheaper to manage than traditional methods.
  • Mobile access allows employees to enter physical and digital spaces using their smartphone as a credential. It uses NFC or BLE technology to confirm permission.
  • If an employee’s smartphone is lost or stolen, their access can be immediately revoked to prevent unauthorized access to company properties.
  • It’s a good idea for companies to have two-step authentication to make sure only authorized people can use the mobile access app. For example, a PIN can be required before using the app.

Is Personal Data Vulnerable When Using Mobile Access Control?

Previously, we discussed what to do if your smartphone is lost or stolen. Now, let’s talk about how companies like Prox Access Security provide a secure mobile access application for your phone.
Some companies worry about their mobile access system being vulnerable if a smartphone is lost or stolen. To help protect against this risk, these companies can require users to unlock their phone and open the mobile access app before the app can be used. This means the user needs to use a PIN or biometric to open their phone, making it less likely that an unauthorized person will be able to use it.
This type of access control feature is especially helpful for “bring your own device” (BYOD) employees who need extra security. It works with corporate policies to provide a consistent experience and manage risk. Employees who bring their own phones to work should follow the same protection rules.
Some employees may be hesitant to install a corporate app on their phone because they think the company will be monitoring them and they want to protect their privacy. For example, they may ask why “location services” need to be enabled on the app. It’s important for them to understand that this is just to allow the app to easily use Bluetooth and provide the best phone performance.
If you have an iPhone, you may know about a feature that lets you locate your phone if it’s lost or stolen. One part of this feature is the ability to remotely erase app data, which will also delete the mobile access app. This works even if the phone is off or appears to be dead.
Access control companies always try to protect your company’s access control system and personal information. Reputable companies that provide mobile access apps are careful to protect all personal information stored on their platform. Make sure your chosen company has a public privacy policy that explains what limited information is collected, why it’s collected, and how it’s protected or made anonymous.
Look for compliance with security policies and laws, like the General Data Protection Regulation (GDPR) in Europe, which protects individual privacy for all citizens. Trustworthy companies will be transparent about the information they collect on behalf of the individual and let their customers know what data is and isn’t collected. These companies can be trusted partners for developing a mobile access control policy and addressing mobile access issues.

The Advantages of Collaborating with a Mobile Access Provider

Ultimately, it’s the phone owner’s responsibility to protect both company access and personal information on the smartphone. If the phone is lost or stolen, the owner needs to tell the company’s system administrator. This is true for keys, traditional access control cards, fobs, or tokens.
The administrator will use tools in their system to prevent unauthorized access to the company’s buildings and systems, while also protecting personal and company data.
Mobile access providers should also help protect company access and employee personal data. They should make sure their mobile access platform has policies and workflows that support customers and all mobile access users.
You can trust global access control providers to help protect company access and personal data. They are partners who can help you solve any access control system problems. This collaboration is good for everyone.

Are you ready to learn more about STID Mobile Access?