With the increasing dependence on mobile devices for both personal and professional use, the threat of cyber attacks targeting these devices is on the rise. Mobile devices contain a wealth of sensitive information, making them a prime target for hackers. To protect your business, it is essential to implement strong mobile device security practices. In this article, we discuss the best practices for mobile device security for small businesses.
Choosing Mobile Devices Carefully
Not all devices are created equally when it comes to security. For example, iPods were built for general consumers and were less inherently secure than devices designed for enterprise users such as law enforcement. Therefore, it is essential to choose devices that offer strong security features.
Updating Mobile Device Software and Mobile Apps
Keeping your devices up-to-date is essential for protecting against malware and security threats. This includes updating the operating systems and mobile apps on your devices.
Install Anti-malware Software
Anti-malware software can help protect your devices from malicious software threats. Company policies should make this a mandatory requirement for any employee that uses a mobile device for business.
All Mobile Device Communication MUST be Encrypted
Communication from mobile devices should be encrypted to prevent data from being stolen or manipulated.
Company Policies Must Require Strong Authentication and Passwords
It is essential to make sure that strong authentication and passwords are set up on mobile devices to ensure possession of a device does not automatically grant access to important information and systems. Biometric security options such as fingerprint scanners, facial recognition, and voice-print recognition should be utilized if available.
Plan for the Worst: Lost or Stolen Devices
In the event that a device is lost or stolen, it is recommended that company policies should require that the device automatically wipes the device of its internal storage information.
Limit or Block the Use of Third-Party Software
To prevent possible compromise and security breaches, company policies should limit or block the use of third-party software on company-provided devices.
Create Separate, Secured Mobile Gateways
Provide a specific gateway for access that is protected with the most up-to-date anti-malware software and other cyber-security tools.
Require that all Mobile Devices be “Locked Down”
Company policy should require that prior to allowing employees to use their mobile devices for work, they should be configured to avoid unsecured wireless networks and Bluetooth should be hidden from discovery.
Perform Regular Mobile Security Audits and Penetration Testing
It is recommended that companies hire a reputable security-testing firm to audit their mobile security devices at least yearly.
Don’t Use Public Wi-Fi
Public Wi-Fi is easily breached and therefore is often utilized by hackers. Instruct employees to avoid using public Wi-Fi in all circumstances.
Educate Employees
Employees should be educated about mobile device security and the dangers of public Wi-Fi, phishing, and social engineering attacks.
Upgrades
It is important to wipe any mobile device that will be re-purposed or turned into a vendor for upgrade. Deleting content from the device is not enough; follow the device instructions to take the device back to original factory status.
Don’t Open Suspicious Emails
Never click on a link unless you are completely confident it is from a trusted source.