Securing your Mobile Device in 7 easy steps
The technology of mobile devices has advanced quicker than ever before.
We have smartphones, tablets & laptops nowadays.
Mobile devices continues to grow more powerful and become even more integrated into our personal and work lives. We have our email, calendars, apps that are integrated with our computer programs and much more. Smartphones and tablets can help an organization increase efficiency, productivity, and provide flexibility as well as speed.
Of course as it plays a bigger roll in our lives, it also becomes a bigger target for criminals.
Often times criminal target business information, such as personal data belonging to your clients.
To protect your device you should be doing the following:
1) Develop a Strategy for Mobile Device Security.
Start by performing an audit to figure out where mobile devices play a role in your organization.
An audit helps you understand your organization’s risk based on the amount, types and usage of mobile devices in your organization.
Next do a risk assessment to find what the possible theft and loss scenarios for your mobile devices and data.
Once you have the results of your audit and risk assessment, you can identify appropiate policies and controls to protect any sensitive and confidential data that may be processed, stored, or transmitted on your mobile devices.
2) Create a Security Policy for Mobile Device usage.
Create a security policy; this could be a little hard depending on how many and what kind of mobile devices that your organization uses.
You still need it to adress risks associated with all the mobile devices being used and procedure that should be followed. Make sure that the following topics are included:
Password complexity requirements
Data that should NOT be stored on mobile devices
Guidelines for business and personal use of mobile devices
How to decide if an application is safe to be downloaded and installed
How to report lost/stolen devices
3) Establish Accountability
Management in an organization have the responsibility to give the users the policy, procedures, and technologies to secure mobile devices in the workplace. But on the other hand the users have to understand the policies and procedures, be accountable for the security and data on those devices. Make sure your users are well informed and trained on mobile security.
4) Launch Awareness Training
Speaking of training, put in place a training and awareness program to help your employees understand new and up and coming threats. Especially since more and more users are using their mobile devices to complete their work. These trainings should include cover threats such as:
Phishing – Fake emails asking for personal information
Malware – Downloaded applications that have malware, virus, malicious codes or bots hidden in them.
Eavesdropping – Voice calls aren’t always confidential, especially to foreign countries, and could be a great risk.
5) Use Application Control, Patching & other Safeguards.
Use mobile device management solutions to protect your device and data. It will help do the following:
Restrict corporate e-mail delivery to only those devices that are meeting your company policies.
Change passwords on mobile devices over the air.
Deliver apps to mobile devices in a controlled way.
Make sure that mobile devices are compliant with company policies.
Ensure OS (operating systems) and apps are current and patched
Whitelist approved apps – Blacklist unapproved ones.
Discover jailbreaking and rooting.
Manage and identify all mobile devices accessing your network
6) Use Remote Wipe, Encryption, and Anti-Theft Capabilities
It will cost your business more if a device containing sensitive or confidential data is stolen that it would if it was encrypted.
Besides encryption you should also have anti-theft technologies in place that would help find stolen devices or prevent unauthorized people from using a lost or stolen device.
Most smart-phone have remote wipe on it so that you can erase any data on a lost or stolen phone.
You might also find it useful to invest in software to manage all your devices, and provice centralized logging and reporting.
7) Understand Privacy Issues
Mobile devices have plenty of privacy risks that they inherit. Unauthorized disclosure of customer or employee information can end up damaging your business’ reputation and results in costly fines due to security incidents, data breaches or not complying with regulations.
Leave a comment and tell us how you are protecting mobile devices and its data!
About Edson Monteiro.
Edson is a compliance & security specialist, as the President of Sentinel Digital Systems and author of Tech-Source blog, he helps small businesses meet guidelines and saving them big bucks on penalties.