used with permission from SBA.gov, by Anita Campbell
Mobile devices pose heightened security risks. Those risks come in several forms.
- Devices — including business data saved on them such as call records, contacts, images, videos, documents and email messages — can be lost or stolen.
- If you use mobile apps or cloud software accounts with saved logins, anyone could conceivably access your business data through those apps or accounts via a stolen or lost mobile device.
- Devices used over insecure connections such as public Wi-Fi, can expose data to hackers and eavesdroppers who steal login credentials, banking and credit card information, emails, and more.
- Mobile devices may serve as a backdoor for malware to enter your business network.
Obviously, it’s important to protect your mobile devices and your company’s data.
Here are some essential mobile device and data security tips you can use to protect your small business.
1. Use a Secure Lock Screen
If someone gets ahold of your device, the last thing you want is for them to just turn it on to access everything. The first line of defense is a secure screen lock. This could be a strong password or perhaps a biometric lock such as a fingerprint scanner. That way, someone who casually recovers your lost device, for example, won’t have instant access.
2. Enable Location Settings
The best case scenario for a lost or stolen phone is to be able to find it quickly. You can greatly increase your chances of doing just that by enabling “location settings” ahead of time. For example, the Find My iPhone feature available for iPhones and iPads helps you identify where your lost device may be by ringing your phone and including a helpful screen message as to how to contact you, the owner, as well as tracking your device. Similar services are available for Android, Windows and Blackberry devices. Become familiar ahead of time with the applicable service for your device. Discover what it can do and can’t do.
3. Use a Remote Wipe Security Application
Remote wipe security applications give businesses the ability to “wipe” or lock down devices from a distance. The various location finding services above include some level of wipe or lock down protection. But many businesses need more protection. Consider a commercial remote wipe application for all devices used by employees for business purposes. Some wireless providers provide this, as do some Internet security software providers. Don’t just leave it up to each individual employee. A business-wide application can allow your systems administrator to secure sensitive company data in the event an employee leaves your employ (because the employee can’t supersede the security simply by reestablishing his or her individual account).
4. Use Encryption
Encryption converts data into code that is not easily deciphered. While not foolproof, encryption does make it harder for hackers to intercept data and communications transmitted wirelessly.
5. Avoid Open Public Wi-Fi
Admit it: when you travel to conferences, stay in hotels or work in the coffee shop, you sometimes rely on open and unsecured Wi-Fi, don’t you? When you connect your mobile device to public Wi-Fi, you leave your data open to potentially being accessed by anyone else on that Wi-Fi network. If you work while out and about, or if you travel a lot, consider investing in a mobile hotspot of your own, one that uses your wireless carrier’s network connection, and not rely on the coffee shop’s public Wi-Fi.
6. Disable Automatic Wi-Fi Connect Features
For the reasons mentioned in point 5, be sure to turn off your automatic Wi-Fi connection settings in your phone or tablet. Some devices have such settings enabled. Turn them off so your device doesn’t connect to an insecure network without you realizing it.
7. Deploy a Virtual Private Network
A virtual private network or VPN is a type of connection that allows all devices located remotely to securely share data to and from the company network. It creates a private encrypted tunnel for data to pass through between mobile devices and your company systems.
8. Back Up Data
You can’t completely prevent your device from getting destroyed, such as in a car crash or by dropping it off a boat. So just in case, it’s a good idea for you to automatically back up data and files such as photos and videos, in the cloud. That way you can still access data no matter what disaster befalls your device.
9. Research Apps Before Downloading
If an app isn’t from a trusted source, you could potentially be downloading malware or some other security threat to your device. The major app marketplaces such as Google Play and Apple Store have gotten good at screening apps for security issues. Before you download an app, though, do some research to be sure other users aren’t reporting security issues.
10. Use Anti-Virus and Security Protection
The major anti-virus and security software vendors such as Norton, Kaspersky and McAfee offer applications that protect mobile devices from viruses, spyware and other malware that can get in and spread to your business network. Some network providers and wireless providers also provide security. Look for mobile or multi-device protection application. Such software may be coupled with remote wipe/ lock protection, doing double duty.
These 10 techniques can make using mobile devices more secure. But I’d like to add one bonus tip: keep an eye on your device. Don’t let mobile devices out of your possession, or step away from them, even for a few minutes. When leaving planes, rental cars, taxi cabs, Uber rides, restaurants, security checkpoints at airports, trains and other places where things tend to get put down or fall out of tote bags or pockets – always check to make sure you have devices with you.