Dec 22, 2015
Mobile security is increasingly important for organisations to address, as the BYOD (Bring Your Own Device) trend blurs the line between personal and company data. 84% of mobile users utilise the same smartphone for business and personal use. This means that anyone accessing the internet from their mobile phone, connecting with home and work networks, is putting both their personal and their organisation’s information at risk. Today I’m looking at three common mobile security breaches, and offering six actionable ways to improve your organisation’s mobile security.
3 Common Mobile Security Breaches
1) Device Loss and Theft
The most common mobile security “breach” is caused by lost and stolen devices. Leaving your phone in the back of a taxi after a night out is suddenly much more serious if it’s your work and personal phone. A lost or stolen device could put your company data at risk if you haven’t got good mobile security practices in place.
Malware (the unintentional installation of malicious software) is one of the most common security threats faced by organisations. Malware could take over a phone’s connection, send spam emails, infect other devices, or harvest passwords. 42% of smartphone users store password and login information within apps on their phones, so a mobile breach would pose a real threat to your organisation’s information security.
3) Unsecure Networks
Another danger is the rogue WiFi network that looks like a normal network (for example with the same name as the one in your local coffee shop), but in reality has been created by a hacker. Once you use the network, the hacker monitors all your activity, and attempts to capture sensitive data like passwords and bank account details.
6 Ways to Improve Mobile Security
1) Use Strong Passwords
62% of smartphone users don’t use a password to secure their device. Passwords are the first line of defence against unauthorised access to your phone’s data, so it’s imperative that you follow password best practices to keep your organisation’s data secure. Strong passwords should be 8 characters long as a minimum, and contain no personal information.Learn more: How to Improve Organisation-Wide Password Security
2) Install Anti-Malware Software
Mobile operating systems are increasingly becoming targets for malware, so if you’re using your phone to access the internet, you should install anti-malware software on your device – and keep it updated. This will help to keep your personal and company data safe from malware attacks.
3) Choose Mobile Applications Carefully
When you’re downloading software for your desktop computer, no doubt you’re careful to only download from reputable and secure sources, so why would you take risks when downloading apps for your smartphone? Not all applications are created to the same standards of security. Installing rogue or insecure software even on just a single device can compromise your entire organisation’s information security.Learn more: How to Choose Secure Software for Your Organisation
4) Avoid Unsecured WiFi
It’s important that your employees know to treat WiFi access with caution, so they’re not putting your company’s data at risk. This is particularly relevant to employees who work remotely, who may choose to work from a local coffee shop or log on to public WiFi between meetings.But equally, if you’re using the same smartphone for work and personal communication, connecting to the WiFi while you’re out shopping, or in a restaurant at the weekend can pose a security risk to your organisation. Employees should ensure their phones don’t automatically connect to WiFi networks, and if possible opt for unlimited data contracts so they don’t need to rely on WiFi.
5) Encrypt Sensitive Mobile Communication
Most experts recommend all mobile communications be encrypted because wireless communications are so easy to intercept. Employees accessing company data from outside of the office should use a virtual private network (VPN) to protect and secure their communications.
6) Create a BYOD Policy
BYOD can offer a number of benefits to organisations, such as lower hardware costs and giving employees greater flexibility in terms of their working hours. However, this is at the expense of your organisation’s security. To address the security problems associated with BYOD working, it’s essential that your organisation has in place a BYOD policy, outlining the procedures employees need to follow to secure their devices.