Keep your Company Devices Safe from Threats with These Proactive Steps
Gone are the days when the most sensitive information on an employee’s phone was contact names and phone numbers. Now a smartphone or tablet can be used to gain access to anything from emails to stored passwords to proprietary company data and trade secrets. With the advent of 5G technology making accessibility easier and faster, more and more companies are poised to adopt mobile technology as a normal part of business.
Depending on how your organization uses such devices, unauthorized access to a smartphone, tablet or other IoT device can lead to a catastrophic cyber-incident involving an organizations entire IT infrastructure. While it’s important to implement cybersecurity safeguards as a whole, the following measures will help you avoid security issues with mobile devices in particular and keep your data safe.
1. Establish a Mobile Device Security Policy
Before issuing smartphones or tablets to your employees, establish a device usage policy. Provide clear rules about what constitutes acceptable use. Include what actions will follow if employees violate the policy. It is important that employees understand the security risks of smartphone use and the security measures they can take to mitigate those risks. Well-informed, responsible users are your first line of defense against cyber attacks.
2. Establish a Bring Your Own Device Policy
If you allow employees to use their personal devices for company business, make sure you have a formal Bring Your Own Device (BYOD) policy in place. Your BYOD security plan should also include:
- Requirements for installing remote wiping software on any personal devices used to store or access company data
- Education and training for employees on how to safeguard company data when they access wireless networks from their own mobile phones and devices
- Data protection practices that include requiring strong passwords and automatic locking after periods of inactivity
- Protocols for reporting lost or stolen devices
- The use of certain antivirus and protective security software
- Requirements for regular backups
- An approved list for those who want to download apps
3. Keep the Devices Updated with the most Current Software and Antivirus Programs
Software updates to mobile devices often include patches for various security holes that can be an open door for mobile malware and other security threats. Therefore, it is a security best practice to install the updates as soon as they become available.
When it comes to antivirus software for mobile devices, there are many options to choose from and it can come down to preference. Some are free to use from the app store while others charge a monthly or annual fee and often come with better support.
In addition to antivirus support, many of these programs will monitor Short Message Service (SMS) texts, Multimedia Messaging Service (MMS) and call logs for suspicious activity. They can use blacklists to prevent users from installing known malware to their devices.
4. Backup Device Content on a Regular Basis
Just as you backup your computer data regularly, so should you backup data on your company’s mobile devices. If a device is lost or stolen, you’ll have peace of mind knowing your valuable data is safe and that it can be restored.
5. Choose Passwords Carefully
In the U.S., the average email address is associated with 130 online accounts. Those numbers are astounding, yet the average internet user reuses a handful of passwords to protect them all. Obviously, this lack of security awareness is what hackers count on to steal data. Use the following tips to ensure your mobile device passwords are easy to remember and hard to guess.
- Require employees to change the device’s login password at least every 90 days
- Implement two-factor authentication to verify a user’s identity
- Passwords should be at least eight characters long and include uppercase and lowercase letters, numbers and special characters, such as asterisks, exclamation points and pound signs
- Don’t use simple number sequences such as “12345,” or names of spouses, children or pets in a password. A hacker can spend just a couple minutes on a social media site to figure out this information.
Because of the convenience they offer, smartphones and tablet devices have become a constant presence in the modern business world. As usage soars, it becomes increasingly important to take steps to protect your company and its sensitive data from mobile threats, both new and old. Use our cybersecurity tip sheet for even more ideas to thwart would-be hackers. Just click the link below.
Lastly, even with the best security solutions in place, there’s never a 100% guarantee. It’s important to protect your company from the liability risks associated with a cyber attack, whether it be through an employee’s mobile device or your company server. Talk with a strategic risk advisor at McClone today to assess your risk and offer additional solutions.
Editors Note: This post was originally published in July 2019 and has been completely updated and revamped for accuracy and comprehensiveness.
Topics:
