Mobile technology has progressed leaps and bounds in the past 20 years – we’ve moved from using brick-like cellular phones with huge antennas to super-slim, touch-based smartphones, tablets, and convertible laptops. With the parallel growth of the Internet, these devices have helped us get even more connected and made life extremely convenient, but this increased connectivity has also heightened the security risks associated with mobile devices. Cybersecurity Ventures predicts that Wi-Fi and mobile devices will account for nearly 80% of IP traffic by 2025.
In this article, we take a look at the increasing threat to mobile device security and what businesses can do to mitigate this threat.
One of the biggest issues in mobile device security is addressing the BYOD challenge. Employees prefer to bring their own devices to work and then use those devices on corporate or government networks. However, given that most users have no idea what mobile device hygiene is, employees are inadvertently placing their organizations at risk. Thus, the challenge for security teams is to keep employees happy while also securing the enterprise.
What can businesses do?
There are many ways to be proactive about safeguarding company devices from security threats.
1. Create a Mobile Device Security Policy
Before your employees are given smartphones or tables, a robust device usage policy should be created. This policy should lay out clear rules regarding acceptable device use and clearly indicate the actions that will follow if the policy is violated. The employees should fully understand the security risks and how those risks can be mitigated. Your first line of defense comprises well-informed, responsible users.
2. Establish a BYOD Policy
If employees are allowed to use their personal devices on company networks, ensure that you have a formal BYOD policy in place. This BYOD security policy should also include the following:
-Installation of remote wiping software on personal devices used to store or access company data.
-Training employees on ways to protect company data when using their own devices.
-Informing employees on the protocol to be followed in case their device is lost or stolen.
3. Use updated software and antivirus programs.
Mobile devices should be kept updated since these updates often include patches for various security issues. Therefore, updates should be installed as soon as they are available.
Several options of antivirus software are available for mobile devices. Some are free to use, whereas others are subscription-based (monthly or annual), which often have better support. In addition to antivirus offerings, several of the software also monitor call logs, SMS, and MMS for suspicious activity. They allow creation of blacklists to prevent users from installing known malware to their devices.
4. Backup devices regularly.
Mobile data should be backed up regularly to ensure that if the device is lost or stolen, company data remains safe.
5. Select strong passwords.
A recent Microsoft study reported that the average Internet user maintains around 25 accounts but only sets an average of 6.5 different passwords. This obvious lack of security awareness is what hackers use to steal data. The following tips will help ensure that mobile device passwords are strong but also easy to remember:
-Employees should change their device login password every 90 days.
-Passwords length should be at least eight characters including uppercase letters and special characters.
-Names of family members or pets should not feature in passwords. A few minutes on a social media site can help hackers get this information.