Because of all they can offer, smartphones and tablet devices are essential to many professions’ daily operations. However, as use rises, it will become more and more important to ensure that security for these mobile devices is able to adequately protect you from new and existing threats.
The need for proper phone security is no different than the need for a well-protected computer network. Gone are the days when the most sensitive information on an employee’s phone is contact names and numbers. Now a smartphone could grant access to any number of applications, emails and stored passwords. Depending on how your organization uses such devices, unauthorized access to the information on a smartphone or tablet could be just as damaging as a data breach involving a more traditional computer system.
Lost or Stolen Devices
Because of their size and nature of use, mobile devices are at an increased risk of being lost or stolen. Since most devices automatically store passwords in their memory to keep users logged in to email and other applications, having physical possession of the device is one of the easiest ways for unauthorized users to access private information.
To prevent someone from accessing a lost or stolen device, the phone or tablet should be locked with a password. The password should be time sensitive, automatically locking the phone out after a short period of inactivity. Most devices come with such security features built in, which is something you should consider before purchasing. Depending on your cellphone provider, there are also services that allow you to remotely lockdown or erase a device in the event that it is lost or stolen.
Mobile devices have the potential to be just as susceptible to malware and viruses as computers, yet many businesses don’t consider instituting the same type of safeguards. As reliance on these devices continues to grow, so will their attractiveness as potential targets. Third-party applications are especially threatening as a way for malware to install itself onto a device. Employees should never install unauthorized applications to their company devices.
Like any potential exposure, the level of risk brought on by mobile devices is based largely on how your company uses them. Conduct a formal risk assessment to see where your biggest risks are. Also establish when to conduct follow-up assessments to account for new exposures created by the ever-advancing state of technology.
Establish a Smartphone Policy
Before issuing smartphones to your employees, establish a device usage policy. Outline what does and does not constitute acceptable use and what actions will be taken if employees violate the policy. It is important that employees understand the security risk inherent to smartphone use and their role in its mitigation. Well informed, responsible users act as an invaluable layer of security protecting mobile devices.