Omega Technical Solutions Blog
The ABC(DE)s of Mobile Security
As of September of 2019, research conducted by Verizon states that almost half of enterprises--half--are willing to sacrifice their mobile security in order to gain “advantages” in speed and productivity. This marks an increase from just 2018, when this metric measured at a still-too-high one-third of enterprises. Of course, such behaviors could bring severe consequences.
That’s why we wanted to share how your business could exercise mobility, while still preserving security.
Why You Aren’t Safe as a Small/Medium-Sized Business
Once upon a time, cybercrime was a simple animal. A target was picked, and the method of breaching it was developed. This meant that the smart strategy for cybercriminals was to focus their efforts on larger targets, as breaching them would be more profitable for cybercriminals to take the time to do.
Unfortunately for the SMB, this is no longer the case.
Nowadays, like many other industries, cybercrime has largely become automated. So, once an attack is designed, there is no reason that a cybercriminal wouldn’t use it against a wide variety of businesses. It’s a little like using a bug zapper compared to the traditional flyswatter--you actually have to actively swing around the flyswatter, whereas a bug zapper allows you to set it up and let it do the work for you. Less effort, for equal (or really, improved) results.
Furthermore, a mobile device does tend to invite a greater risk of other kinds of cybercrime. Actual device theft is much easier when the device in question can be casually picked up and walked off with by a stranger, which is more likely to happen outside the office than within its walls. Convenience is a cybercriminal’s best friend.
What to Do About It
Therefore, you need to make sure that the mobile devices your employees are using throughout their day have the proper protections, and that (perhaps even more importantly) your employees are actually using them, and properly.
Here, we’ve put together a quick guide to help you get started with a more secure mobile strategy--and to hopefully make it more memorable, it follows the alphabet!
Mobile Security, as Simple as A-B-C-D-E
Authentication
Okay, so one of the foundational concerns of the mobile security issue is that it is harder to ensure that only someone with permission to access data is actually going to be accessing it. Let’s face it, all it takes to potentially have a device stolen is for someone to leave their phone unattended in the coffee shop as they add more creamer. However, with the right authentication measures, the risk of the thief accessing data is greatly reduced.
Enforcing strong passwords and requiring two-factor authentication measures for your data helps to restrict access to your data to just the people who should have it. Therefore, this is the first step to any data protection process.
Backups
As we will get into, a big part of keeping the data accessible on mobile devices safe is the capability to delete it. As a result, it is important that you can then restore this data and continue using it once the issue has been resolved. Maintaining an up-to-date backup will ensure that you are able to do so.
Keep checking back on this blog to learn what makes a backup as reliable as can be, or give us a call to find out.
Control
While yes, the mobile devices that your employees own are their property, you cannot allow them to use them as a part of a mobile device strategy if they are going to expose your business to security threats or vulnerabilities. The apps a user installs can contribute to both, so you need to make sure that certain applications are blocked by using a mobile device management solution and encouraging your staff to update their software frequently.
Deletion
Unfortunately, mistakes will be made, and one of them may include one of your staff members actually losing their device. If a device turns up missing, you will want to have the means to wipe the device in question. Make sure that your mobile device management solution offers the capability to remotely wipe any company-owned data from the device in question. If the device is ultimately found somewhere, the data can be restored from the aforementioned backups.
Education
Finally, to help your users avoid mobile security issues, you need to teach them a few key behaviors they will need to adopt. For instance, public Wi-Fi networks are notorious for harboring massive security threats that can access a device once it connects--especially as something is downloaded.
Encourage your users to use their mobile data instead, preferably with the added support of a virtual private network, or VPN. They also shouldn’t be downloading things casually, either.
While we may have covered a lot, the real key here is to promote responsible usage of one’s device… something that the use of a personally-owned device will generally encourage. To really secure a device, mobile device management solutions are perhaps your best option. For help implementing such protections, or with any other business technology question, give Omega Technical Solutions a call at (703) 743-3056.
Comments