Remote and hybrid working is here to stay. Although there is an increased influx of employees returning to the office, it is not the same as before. Work-from-home opportunities and flexible working hours are a reality that is reflected in the job market, and it's easy to see why.
Changes in the way people work, understandably, have an impact on other areas, one of which is mobile device security.
Even before Covid, mobile phones were being used for work purposes. Whether it's checking emails on the train or taking client calls on the go, mobile phones are an indispensable piece of technology for many businesses.
Device security is required for any device that accesses work data. Are your company's mobile security measures effective enough? Here are six practises you should implement in your business.
1. User authentication
Whether it's a company-supplied device or a BYOD (bring your own device) policy, you need to think about authentication and how you're doing it. Companies must establish clear guidelines for what devices users should use to protect company data.
Passwords, pins, and biometrics are all options for authentication (face or fingerprint recognition). Implementing at least one of these is the first step towards preventing a data breach caused by a lost or stolen phone. You could also implement two-factor authentication.
It is also critical to have procedures in place for when employees leave, such as wiping their credentials as soon as possible.
Passwords are useful for authentication, but remembering multiple passwords for various devices and applications can be difficult.
A password manager enables users to keep all their passwords in one safe place. Keeper, for example, provides a digital vault for storing passwords, financial information, and sensitive documents.
2. Mobile managed service
It is worthwhile to consider a mobile managed service. Mobile Device Management (MDM) puts you in charge of remotely monitoring, managing, and configuring devices.
If a device is stolen or lost, MDM provides peace of mind by allowing remote lock and wiping. Having a remote lock and wiping company policy in place can be critical for security, especially if your employees' devices are your property.
Employees who use their own devices must grant the company permission to delete all data stored on their device, including personal files, if it is lost or stolen.
3. Cloud services – updating operating systems
It is critical to ensure that your cloud services are regularly backed up.
Regular updates are essential for fixing bugs and completing security patches. They are not always automatic and may require a manual approach to schedule them or enable automatic updates and reminders. Devices are vulnerable to new malware and security breaches if they are not regularly updated.
Action1 provides a 100% cloud-based architecture for managing, patching, connecting, reporting, and alerting on any device from anywhere at any time.
4. Public wi-fi and mobile device security
Working from different locations on a mobile device is extremely convenient, but as previously stated, it complicates keeping business critical data safe.
Hybrid and remote working may require the use of public Wi-Fi; however, a public network is a much more vulnerable connection, posing greater risks of data interception from fake Wi-Fi set up by hackers.
If it is unavoidable, then carefully consider what work is accessed on the public network. Staff education on the risks of public networks and what they access can help reduce risk.
Businesses should consider their own networks on premises in addition to public Wi-Fi. Providing a guest network rather than allowing visitors to use your primary connection is a good precaution to take.
5. Employee awareness of mobile device security
Mobile devices for business are a useful tool, and it is critical for businesses to strike the right balance between security and convenience.
Employees are critical to mobile device security, so keep them up to date on company policies and procedures.
- Be cautious when granting permissions in apps
- Install as few apps as possible
- Reduce exposure by disabling unnecessary features such as Bluetooth, Wi-Fi, and location services
- Form the habit of blocking untrustworthy apps
- Avoid connecting to unidentified removable media
- Learn how to identify phishing scams. Companies like KnowBe4 are experts in security awareness training
Do all businesses need to think about mobile device security?
How far you need to go with mobile device security all depends on the work you do. A security breach, in any form, is costly, stressful, and can result in downtime and reputational damage.
Contact a member of the Brigantia team to learn more about the services that can help your business's mobile use.