Keeping Mobile Business Devices Secure
September 30, 2016
A growing concern at work
Threats to cell phone security have grown dramatically in the past few years due to cybercriminals targeting mobile users. In the last three months of 2015 alone, the antivirus firm McAfee Labs reported 2.4 million unique pieces of mobile malware compared to just 300,000 in the final quarter of 20141—an 800% increase.
As more and more work gets done via mobile devices, your employees’ phones can put your business data at risk.
Keep your employees’ cell phone software updated and back up each phone’s data.
For small and medium-sized business owners, this is a particularly worrisome trend since many employees today regularly use mobile devices (cell phones, tablets and more) for work-related activities.
The most common risks:
- Thieves can steal your personal info over an unsecured Wi-Fi network.
- Your phone could accidentally download ransomware, blocking access to apps. (This type of malware is most common on phones running Google’s popular Android™ operating system, which accounts for the majority of phones sold. Apple’s popular operating system, iOS™, while more secure than Android, is also increasingly falling prey to malware albeit at a much slower rate.)
- Your phone could download a virus through email and become infected.
- Simply viewing a picture someone texted can be enough to infect an unprotected device, potentially giving thieves access to your data and/or passwords.
How to keep your cell phone secure
Keep your phone’s software up to date:
Keeping your operating system and apps up to date is one of the best ways to avoid malware, since malware code writers tend to look for and exploit weaknesses in the way these programs have been coded. When these weaknesses are found by the OS and software makers, they send out updates (or “patches”) to fix the problem before the hackers can use them to infect people’s devices.
Require passwords for lock screens:
To prevent unauthorized access, enable the phone’s lock screen. Set your phone to lock automatically after every use. That way, if your phone is lost or stolen, your data will be safe.
Download and use Android security apps:
There are phone security apps that can warn you of any security risks, as well as protect your phone from the most common forms of malware. There are about 100 of these types of apps available on the market today.
Do not change factory settings:
Changing or altering factory security settings is risky. Tampering with your phone’s settings—often called “jailbreaking” or “rooting“—can render the built-in security features useless.
Back up your data:
This will keep you protected if your phone is easily lost or stolen. Fortunately, most network providers also offer cloud backup and storage. Check with your phone’s manufacturer or your network carrier about how to back up your device.
Only install apps from trusted sources:
The Apple App Store® and Google Play® store vet apps before allowing them onto the marketplace. Although occasionally some infected apps get in, apps from these sources are considered far safer than ones downloaded from other sites. It’s also a good idea to do a little web research before downloading an app to make sure it’s safe.
Think before downloading and installing:
Many apps not only access your personal data and social media accounts, they read your posts and often post things in your name. Be very careful about granting these applications access to your personal information or allowing the app to perform any functions on your behalf. At a minimum, read the privacy section of the terms & conditions before installing.
Enable remote locating and wiping functionality:
The ability to remotely locate and erase all of the data on your phone is an important security feature that should be enabled. Check with your phone’s manufacturer or your network carrier about how to enable this function on your device.
Avoid open Wi-Fi networks:
Cybercriminals have been using open public Wi-Fi networks to target victims for years. Always avoid them if you can and instead use protected Wi-Fi networks from a network operator you trust. Do not access sensitive personal information or log in to applications unless you are using a secure connection like a virtual private network (VPN) or a site with “https:” in the URL.
Erase your phone’s data before donating, selling or recycling it:
Your cell phone contains lots and lots of personal data that could be used against you. To protect your privacy, wipe all data from your phone and reset it to its original factory settings before it leaves your hands.
Report a stolen cell phone:
Although it might not help you get your phone back, the big wireless carriers, as well as the Federal Communications Commission (FCC), have established a stolen-phone database that lets stolen phones to be “bricked” remotely so they can’t be used without your permission.
To help further manage your business’s data on employee phones, employers can also engage with one of the many mobile device management (MDM) or mobile application management (MAM) vendors to do things like wipe work-related apps and data from the device, in the event it is lost or stolen.