There’s no doubt about it – the Internet and mobile and cloud computing have made our lives easier. They have also made our businesses more productive, cost-effective and competitive. But make no mistake about it, the Internet is also a breeding ground for thieves and predators. Further more, it can also be an enormous distraction and liability if not used properly. And people are often casual, careless and flat-out stupid about their privacy. You can’t turn on the TV or read a newspaper without learning about the latest online data breach. With one slip-up, a your business can owe heavy fines or sustain serious damage to it’s reputation.
These days, everyone has their own mobile devices. Because of this, many businesses opt for an employee policy of BYOD (Bring Your Own Device). While this may be convenient and cost-effective, it also opens the door for new problems and concerns. As a result, you cannot be casual or careless about introducing mobile device protection education to your organization.
Because of all of this, if you are going to allow employees to use mobile devices – particularly personal mobile devices – to access, store and use company data, then it’s critical that you have these 7 security measures in place.
- Implement a mobile device policy. This is particularly important if your employees are using their own personal devices to access company e-mail and data. There are many things to consider in such a policy. If an employee leaves, are you allowed to erase company data from their phone? If the phone is lost or stolen, are you permitted to remotely wipe the device to ensure YOUR information, or your clients’ information, isn’t compromised? Keep in mind, this would delete all of that employee’s photos, videos, texts, etc. Further, the data in your organization may be highly sensitive. If this is the case, you may not be legally permitted to allow employees to access it on unsecured devices. But that doesn’t mean an employee might not innocently “take work home.” Suddenly, that sensitive data could be visible on other networks. If the device is company-owned, you also need to detail what an employee can and cannot do with that device. This includes actions such as “rooting” or “jailbreaking” the device to circumvent security mechanisms you put in place. Creating a mobile device policy can help educate employees and prevent many problems.
- Require STRONG passwords and passcodes to lock mobile devices. Passwords should be at least 8 characters and contain lowercase and uppercase letters, symbols and at least one number. If you require that employees have passcodes on all devices, this will go a long way. A passcode is the first step in helping prevent a stolen device from being compromised.
- Require encryption for all mobile devices. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that unlocks (decrypts) the data.
- Implement remote wipe software for lost or stolen devices. It is possible that an employee’s laptop is taken or their cell phone is misplaced. Installing “kill” or wipe software will allow you to disable the device and erase any and all sensitive data remotely.
- Backup remote devices. If you implement Step 4, you’ll need to have a backup of everything you’re erasing. To that end, make sure you are backing up all MOBILE devices, including laptops, so you can quickly restore the data.
- Don’t allow employees to download unauthorized software or files. Cybercriminals can quickly access networks by duping unsuspecting users. They simply allow users to willfully download malicious software by embedding it within downloadable files, games or other “innocent”-looking apps.
- Keep your security software up-to-date. Hackers create thousands of new threats daily. Because of this, it’s critical that you’re updating your mobile device’s security settings frequently. It’s best to remotely monitor and manage employees’ devices. This will ensure that employees’ devices are updated, backed up and secured.
Struggling to figure out which option is best for your business? Our FREE Mobile Device Policy Consultation ($297 value) helps point you in the right direction for your business.
Call Us Direct: 512-900-9478 or Contact Us HERE.
Live in or near Austin? Interested in learning more about how to remain secure and welcome your user’s mobile devices onto your network? Register to attend our November TECH & TACOS lunch and learn event.