Have you asked yourself how secure your corporate data and operating systems are? Every year companies invest millions of pounds in firewalls, anti-virus software, training, and patching programmes to protect sensitive information. Does any of this extend to your mobile network?
Most of your staff will currently be working from home and, when back at work, will be mobile with a computer. That computer has access to your office systems, which means access to your corporate data.
We will look at the bare minimum you should carry out to keep you and your mobile devices secure.
Your Definition of Acceptable Risk?
We recommend starting with your data centre: if you are securing that, why wouldn’t you secure your mobile devices against mobile threats? Extend your security from the data centre as far out as possible. You won’t be able to duplicate all of it on mobile phones; you can, however, extend a number of the systems to your mobile devices, as follows:
- Keep and maintain clear records of phone data, e.g., device serial numbers, MAC addresses, etc.
- Protect your devices with remote device location and remote wipe.
- Ensure strong passwords are used.
- Ensure OS upgrades are up to date.
- Enable on-device encryption.
- Educate users about potential risks.
Gone are the days when companies used to provide a BlackBerry. Today users prefer their own devices, platform and network provider, making this far less easy to control. Devices vary between iOS and Android, with iOS locking down the apps a user is able to install from the App Store better than Android, therefore increasing mobile security.
Employee education is a strong line of defence, and it is just as important for mobile users as for those in an office environment.
- Educate users about the need to use strong 6-digit passcodes/biometric passwords to access the device. (Cyber Essentials recommends 8 or more!)
- Educate users about the need to install OS upgrades as soon as possible so that devices are best protected from known vulnerabilities in the OS.
- Avoid saving passwords on the device.
- Training will raise users’ awareness of suspicious behaviour, e.g. being asked to install anything on their smartphone, suspicious emails that require them to visit a website and enter credentials, etc.
Lock Down the Network
You may already lock down traffic across your network, and this can also be done for staff who connect via mobile devices. Take into account your perception of risk.
- Ensure Bluetooth settings are turned off.
- Educate users about the need to avoid publicly accessible Wi-Fi.
- Turn Wi-Fi settings off and force users to use your mobile carriers’ networks.
- Use a VPN connection for specific apps, content or connections (although a compromised device may still pose a risk).
- Force all traffic via a full tunnel VPN (although this has implications for the phone’s battery life, the user’s privacy, and your own infrastructure considerations about bandwidth, data flows and server maintenance).
Invest in a Mobile Device Security Solution
Alternatively, invest in a Mobile Device Management (MDM) solution.
This can include:
- Ability to prompt users to upgrade their OS.
- Network threat detection.
- Malware security, including whitelisting and blacklisting of applications.
- Create security policies that can be applied or adapted based on the device location, or the application or network being used – flexibly adapting security settings on the go.
- Install root or jailbreak detection software.
- Create rules for alerts and even, where high risk is identified, device wiping.
- Automated mobile device threat analytics and intelligence.
- Management and administration tools and reporting.
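The baseline checks from the earlier lists and the alert and wipe rules above can be expressed as one small policy function run over the device inventory. This is an added example, not code from this article or from any MDM product; the record fields, the constructed sample fleet, the minimum OS version and the rule that only a rooted or jailbroken device counts as high risk are all assumptions.

```python
from dataclasses import dataclass

@dataclass
class Device:
    """One inventory record; field names are assumptions for this example."""
    serial: str
    mac: str
    os_version: tuple      # e.g. (17, 4)
    passcode_length: int
    encrypted: bool
    remote_wipe: bool
    rooted: bool           # result of root/jailbreak detection

def evaluate(dev, min_os, min_passcode=6):
    """Return (action, findings) where action is 'ok', 'alert' or 'wipe'."""
    findings = []
    if not dev.serial or not dev.mac:
        findings.append("incomplete inventory record")
    if dev.passcode_length < min_passcode:
        findings.append(f"passcode shorter than {min_passcode}")
    if dev.os_version < min_os:
        findings.append("OS upgrade pending")
    if not dev.encrypted:
        findings.append("on-device encryption disabled")
    if not dev.remote_wipe:
        findings.append("remote wipe not enabled")
    if dev.rooted:
        findings.append("root or jailbreak detected")
    # Assumption: only a rooted/jailbroken device counts as high risk here,
    # and a wipe can only be issued if remote wipe was enabled beforehand.
    if dev.rooted and dev.remote_wipe:
        return "wipe", findings
    return ("alert" if findings else "ok"), findings

# Constructed sample inventory (not real devices).
FLEET = [
    Device("SN-0001", "02:00:00:00:00:01", (17, 4), 8, True, True, False),
    Device("SN-0002", "02:00:00:00:00:02", (16, 1), 4, True, True, False),
    Device("SN-0003", "02:00:00:00:00:03", (17, 4), 6, True, True, True),
    Device("SN-0004", "", (17, 4), 6, False, False, True),
]

def report(fleet, min_os=(17, 0)):
    """Map each serial number to its (action, findings) result."""
    return {d.serial: evaluate(d, min_os) for d in fleet}

if __name__ == "__main__":
    for serial, (action, findings) in report(FLEET).items():
        print(serial, action, "; ".join(findings) or "compliant")
```

The last sample device shows why remote wipe has to be enabled in advance: it is rooted, but with no remote wipe the rule can only raise an alert. Passing `min_passcode=8` applies the Cyber Essentials figure instead of the 6-digit minimum.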
No matter what, these devices are essential to your business productivity, so they need to be carefully managed to avoid risks and secure data. If you are ready to improve productivity and keep your data secure, contact Locits for a no-obligation quote on how to stay secure; we’d love to hear from you.