Mobile technologies have profoundly changed how organizations conduct business, share information and interact with customers, employees and partners. However, the increased use of smartphones and other mobile devices for business purposes has created significant potential for security breaches.
Studies find that organizations are surprisingly cavalier about the security of these devices. Although 93 percent of those surveyed for Verizon’s Mobile Security Index 2018 Report said mobile devices present a “serious and growing threat,” most fail to take even basic precautions. Nearly two-thirds have never changed their default password, nearly three-quarters use public Wi-Fi networks for work tasks and more than half allow unrestricted downloads of mobile apps.
Regardless of the brand or operating system, there are a number of basic security measures users should take to ensure the safety of valuable information.
Download apps from reputable sources. Some sites host repackaged versions of popular mobile apps — such as Google Maps — that include spyware. Malware and spyware can still sneak in to reputable marketplaces, however, so be careful — especially with applications from unknown developers that have poor ratings or low download numbers.
Turn off Wi-Fi and Bluetooth when unneeded. Wi-Fi hotspots and Bluetooth create avenues for public attacks. Turning off these features not only improves safety but conserves battery life. When Bluetooth is used, make sure it is in “non-discoverable” mode. When using Wi-Fi, try to use an encrypted network or VPN to prevent hackers from “sniffing” data out of the air.
Keep the OS up to date. Although updates sometimes include features that may seem unnecessary, it is still a good idea to install them because they typically include security patches or improvements.
Set up the screen-lock function. This feature locks the smartphone after it’s been sitting inactive for a period of time, and it requires the user to enter a password or PIN to unlock it. This is one of the easiest functions to set up and it can prevent people from easily accessing personal data if the phone is lost or stolen.
Use a remote location/lock/wipe application. These apps can remotely locate, lock or wipe a phone if it is lost or stolen. In a worst-case scenario in which recovery of the phone becomes unlikely, remote wiping clears all the data so private information won’t fall into the wrong hands.
Back up data. This can be done either with a product or application, a cloud service, or simply by copying contacts, documents, pictures and personal information to your computer.
Write down the device’s IMEI number. The International Mobile Equipment Identity (IMEI) is a unique number used to identify mobile phones. Carriers can use this number to prevent network access if the device is stolen. The 15-digit IMEI number can be found inside the battery compartment of the smartphone, or by simply dialing *#06# on the keypad.
Install an antivirus app. Consider using mobile security antivirus software — especially with Google’s Android OS. As the market-leading mobile OS, Android has become the biggest target for cybercriminals. Some security experts estimate that as many as one-third of all Android apps contain some form of malware.
Don’t “jailbreak” the phone. Jailbreaking means breaking open the phone’s file system to allow modifications. Although doing so enables access to unofficial apps and more features, it can also bypass many security features.
The right IT security policies and end-user training can help your organization capitalize on the efficiency benefits of mobile technology while reducing the risk of a security breach. Contact SSD for a confidential consultation.