Mobile security should be a concern for most mobile users, especially due to the ever-increasing sophistication and volume of cyber threats in existence.
It is not surprising that as we continue to use our phones and tablets more and more for things such as remote working, criminals are targeting mobile devices for malicious virus and malware attacks. It is therefore important that we take steps to safeguard against risks that could result in data loss or breaches. Stay one step ahead with this guidance for protecting your data on both iPhone and Android operating systems while you carry out work on the go.
Keep devices updated
Regardless of which operating system your device uses, always keep its software up to date with the latest version available. Mobile operating systems provide regular updates to devices that resolve security threats and system vulnerabilities. These upgrades aren’t always updated automatically, so mobile devices users may need to turn on automatic updates or update their phones and apps manually on a regular basis.
Reinforce passwords with Two-Factor Authentication and Biometrics
Weak and easily-guessed PINs or passwords can make it easy for rogue parties to gain access to your mobile devices.
Utilising Two-factor authentication or Biometrics in addition to a password or secure pin is a straightforward way for your business to begin developing a layered mobile security strategy.
Use a password manager to manage and store strong, secure passwords for your various applications and services. You will then only need to remember your master password to access the others from either your phone or computer. Pair this with MFA or biometrics it will take your security footprint to the next level.
Stay official and avoid jailbroken devices
While jailbreaking a smartphone can enable a user to run unverified or unsupported apps, many of these apps carry security vulnerabilities. Most security exploits for Apple’s iOS only affect jailbroken iPhones. Be wary of any applications downloaded from third-party sources, as this is the easiest route utilised by nefarious parties to access or infect your mobile device. For Android users, it is best to stick with the Google Play Store when downloading new apps and for Apple users, the Apple App Store. Ensure that your phone remains locked down, as opposed to being jailbroken.
Add a Mobile Security App
Investigate and select a trustworthy mobile security app that extends the built-in security features of your device’s mobile operating system. Most well-known third-party security vendors offer mobile security apps for iOS and Android.
Don’t be caught by Phishing Schemes & Malware
Avoid being a victim to phishing scams and malware threats. Refrain from clicking on links or opening e-mail attachments from unknown or untrusted sources, as they may be from a fraudulent source masquerading as known or legitimate entities.
Utilize Encryption
Enable encryption for data stored on the mobile device as well as for data in transit, with secure technologies such as a VPN. It’s also best practice to never transmit sensitive or personal information over a public Wi-Fi spot, especially one that is unsecured, without using a secure transmission option like VPN.
Separate Work and Play
Effective mobile security ensures your business data is protected even when running on your employees personal devices by partitioning the corporate applications and data into a secure container with a MDM (Mobile Device Manager).
Containerisation, for example, allows mobile devices to create separate workspaces of business applications and content that can be centrally protected and managed. Administrators don’t need access to an employee’s personal applications or data and can therefore provide the optimum mix of flexibility and security. This lets IT departments lock down sensitive company information and applications, while letting employees maintain confidence in their personal privacy.
When employee decides to leave the organisation or is removed, the IT function can simply remotely remove the corporate elements from the device with the MDM platform and leave the ex-employee’s personal data unaffected.
Keep Policies Current
If your employee(s) succumb to a phishing scam and get locked out of their devices, or data loss occurs due to settings being tampered with, the company will probably be swiftly updating and outlining the mobile security policy for everyone to follow.
The most successful organisations stay on top of security issues and get in front of them from a policy perspective rather than wait until disaster strikes. An annual review of your mobile security policy is recommended, to take stock of your ability to monitor device/app usage, the corporate footprint on business and personal devices with business apps, and points of vulnerability within your organisation.
Then, look to the future of how new devices might be integrated into your business as part of new employee onboarding or device upgrades across a department or departments. Ensure policies are updated and well documented. Also ensure employees are held accountable for reviewing and complying to the policy.
Communicate your Security Best Practices
Within your business environments, it’s essential for your IT staff to ensure the company’s policies and security best practices are clearly communicated to employees so that they are informed of what to do and what is not acceptable in terms of protecting the security of their mobile devices and their data. In addition to explaining best practices, this communication should also include which apps, BYOD and BYOC solutions are permitted in the work environment and which aren’t allowed for use.
We are here to help
Mobile cloud computing means that data can be available at our fingertips anywhere, anytime. It has transformed the way we operate and has facilitated remote working capabilities. It has its own set of risks, but this does not mean it isn’t secure. If you have any concerns regarding your IT security, whether on mobile or desktop devices, Nuvem Logic are here to discuss ways in which we can secure your data and devices and therefore your peace of mind.