No one must convince you how much we use our mobile devices to stay connected to our daily lives. Mobile devices represent the second most common vulnerability to corporate security, right after people. Businesses that practice BYOD without a robust MDM policy increase their risk exponentially. We have narrowed down six practices that should help you improve your device security.
Best Practices for Mobile Security
- Employ Your Device Security Features
In our busy lives, it is hard to keep track of all your devices as you move around. Invariably, something gets left behind.
Switching on the device user authentication lowers the risk of the person finding your device, being able to access the information stored on it. Most modern phones and laptops utilize biometric options like fingerprint authentication. Less fussy devices may use PIN, pattern or password mechanisms (see tip 4) for security. While these measures are better than nothing, it is not a panacea. The goal is to use the mechanisms provided by the manufacturers to ensure the person with the device has authorization to use it.
- Always Have Your Operating System Up To Date
The pop-up for an update shows up and you roll your eyes because you are in the middle of your task. In a world of more tasks than time, you make a mental note to do the update later, but it rarely happens. Operating system giants Microsoft and Apple have gotten better at pestering you with the pop-ups until you acknowledge and execute the update.
Outdated software without recent security updates and patches, makes your device a target for hackers. The easiest way to make sure your device stays current, is to set it receive updates automatically. This can be achieved through an MDM solution.
Regardless of the device you use, make sure you reboot or restart the device after receiving an update.
- Avoid Public Wi-Fi
Public Wi-Fi is meant to be a convenience. A quick way to connect to a reliable internet connection while you wait at an airport or fast food restaurant for instance. In most cases, the cost to connect is free. The cost of the freeness is exposing yourself to malware, hackers or other bad actors.
The irony of the situation is that many people already know public WiFi is unsafe but choose to ignore it. One study revealed 91% of respondents know public Wi-Fi has inherent security vulnerabilities. 89% of the same respondents chose to ignore those vulnerabilities.
Access to tools for breaching security is available to anyone who can search the internet. You can spend hours watching videos on how to intercept traffic over hotel, coffee shop, and airport Wi-Fi networks. In the process, gleaning valuable information such as credit card number, bank account numbers, passwords and other private data.
Using any network that is not your corporate network, exposes you to damage to your devices, personal image, reputation and finances.
- Use a Password Manager
Passwords are a necessary evil to modern day computing. In the same way, you do not have one key that opens every door in your business and home, you should not use the same password for every internet service you use. In theory, it sounds convenient. In practice, it will be disastrous if the key were lost, stolen or copied.
In reality, you most probably have keys on a keyring. A password manager is the “keyring” to your “keys” (passwords). It takes the chore out of having to remember complex passwords for your various services and platforms. A great password manager like Lastpass or Dashlane take the stress out of creating new passwords also.
Two-factor authentication (2FA) should be used with your most sensitive sites and services as an additional layer to your password security process.
- Remote Lock and Data Wipe
BYOD policies implemented in most companies understand that mobile devices serve two purposes: personal and professional. So long employees are aware that a great MDM (mobile device management system) should give the business the ability to lock your mobile device and wipe the data if it was lost or stolen, yields a higher confidence threshold for protection.
- Remember To Backup
Final point – back up your data! Locking or wiping the device is a short-term solution, so having a backup will be critical to your security strategy. Several of the leading mobile device manufacturers offer cloud services to backup your devices which can allow you to restore your data to your replacement device. Dropbox, iCloud, Google Drive are alternative cloud storage services you could enlist in your backup strategy.
Get Your BYOD Mobile Device Security Policy
If you follow these six practices at a bare minimum, you stand a better chance or reducing your risk of a cybersecurity breach. These steps are not enough for a thorough cyber security plan. Consult with a managed, IT services provider to develop a comprehensive BYOD policy for your company.