While you’re probably worried about the future and are constantly trying to make your business a more customer-friendly environment, there are a couple of things you need to know about mobile devices. Smartphones and tablets have been penetrating the workplace for a while already. They’ve made conducting business a very simple process while, at the same time, ensuring that employees can attend to work practically anywhere in the world. It’s been quite a blast to have these things around.
However, there’s a flip-side to mobile penetration. Your business’ security and integrity can be threatened by two things: The loss of a device that eventually ends up in the wrong hands, and the intentional theft of one. These things can’t always be prevented, but there are ways in which you can make the possibility of such things happening minimal.
Digital Defense, Inc., a provider of a variety of network security products, has been kind enough to give us some tips on ensuring that your mobile security is as tight as a taut rope:
- Make and enforce a mobile security policy within your business. Obviously, this means having a dialogue with your employees on how they should operate their mobile devices. We’ll get to some of the details in the points below.
- Make sure that employees are aware that they must use certain devices to access your enterprise networking infrastructure. This is to help you determine which devices are able to access the network and which aren’t.
- Configure the network in such a way that only devices you’ve approved for use with that network will have connectivity.
- If you’re giving employees devices you own for their use at work, make sure you have a way to track them. Make an inventory of these devices regularly.
- Limit the amount of operating systems and device brands that you distribute to employees. It’s preferable to have only one or two brands of phones. This removes the headaches of having to manage the weaknesses in each brand of phone.
- If you’re going to limit phones to one operating system, choose one that has strong OS-level encryption. iOS has very powerful security that includes solid encryption, for example.
- Lest you be concerned about employee privacy on a phone that you gave them, conduct random inspection of these phones. Obviously, if you let employees bring their own phones, you’d be breaching their privacy by doing this.
- Any phones you give employees should not be capable of tethering or providing hotspots.
- Don’t allow company-owned devices to synchronize with cloud services automatically (like iCloud).
- Teach employees how to make a strong password (a combination of numbers, letters, and symbols, like “fjF@94#,” works) and enforce this policy any way you can. The hardest passwords to crack are phrases with symbols embedded in them (such as “ph1llip w3nt to th3 m@rk3t”). The longer the password, the better it is at resisting brute force and dictionary attacks.
- Configure mobile devices so that they do not cache sensitive data (like passwords) on their browsers.
They also have one final piece of advice: Keep up to date on the latest mobile security threats. After you’ve learned how to mitigate these threats, teach your employees to do the same and ensure that their phones and tablets are kept up to snuff!