July 09, 2014 by The GLS Team
More organizations are part of the growing trend of BYOD or Bring Your Own Device to work. While this policy provides convenience for employees and increases productivity, it also increases the company's level of risk. With so many people using mobile devices to connect with the Internet or intranets, there is a greater possibility of security problems. Hackers have managed to enter a company network through the Internet connection on a smartphone. To protect the information and data stored on your devices, here are five best practices to follow.
1. Limit Data Shared
One good way to keep others from discovering your personal and company information is to not place sensitive data on mobile devices. Although these devices are meant to make your life more convenient as a repository of photos, contact details of family, friends, and colleagues, the devices all leave you more vulnerable to a security breach.
2. Require Authentication
With authentication, you have to prove who you are before gaining access to a mobile device. In most cases, the authentication is a password or a personal identification number or PIN. The trick is to create a password or PIN you can remember, but is hard for anyone else to guess. For best results, users need a password that is at least eight characters long and contains capital letters, lower case letters, numbers, and symbols. These types of passwords are harder to decipher. A PIN should also be difficult to uncover (don’t use 1111, 1234, etc). If you believe a phone only allows for 4 characters, check your security settings. In many cases you can turn off the “simple” PIN in your settings, which will enable you to create longer passwords.
If you choose to use swipe authentication, it needs to be a complicated pattern that someone wouldn’t normally guess or try. For example, don’t do a line up, or swipe left or right.
Once you have a good password or PIN in place, it's also a smart idea not to write it down on a piece of paper and leave it near your device. In addition, remember to turn on the device authentication in case the device is ever lost, misplaced, or stolen. This prevents anyone who finds your device from actually using it.
3. Remember to Log Out
One of the easiest ways to protect the data you have on your device is to log-out of the services you’re using and remember to lock your device. Staying logged in makes it possible for others to gain access to the information you have stored on your device. For example, you may be logged into multiple accounts on your mobile device (such as social media accounts, email accounts, etc.), and if someone were to gain access to your mobile device with all your accounts logged-in, they have instant access to your accounts and information. Even before going to the bathroom or getting a cup of coffee you should first log off your accounts. Yes, it can be a nuisance to have to log back in a few minutes later, but an experienced hacker can download a lot of sensitive information in just a few minutes (and we’ve all seen what friends can do when they “hack” social media accounts).
4. Use Encryption Tools
Encryption is another important part of security. With encryption, the data transmitted, received or stored is scrambled so it is impossible to read if intercepted by hackers. Most mobile devices offer encryption capabilities, but you have to enable them and use them correctly to protect your information. If your device does not have built-in encryption features, you can purchase and install third-party encryption tools. You need to encrypt the memory card or any data stored on the device. Organizations should mandate that all employees use device encryption.
5. Install Anti-Malware Software
Mobile devices are also susceptible to viruses, spyware, malware, Trojans, worms, and other malicious content that can infect your device or gain access to the company network. Most mobile devices do not have security software pre-installed. In these cases, consider buying and installing commercial software designed to protect mobile devices from attacks.
Mobile devices in the workplace are now part of business culture. To learn more about information security in the workplace, Global Learning Systems has a great security awareness training course. The best thing organizations can do now is to take security threats seriously by implementing policies that strengthen mobile device security.