Are your mobile phones making your business vulnerable?
Posted 23rd November 2021
How many of you use a mobile phone to run your business? We’re not just talking about using it for phone calls and messages from clients; we’re talking about receiving emails, accessing files on the move, using programmes like Microsoft Teams, Google Docs, and Dropbox, even running invoicing and bookkeeping apps from the palm of your hand.
If you’ve just read the last paragraph and are nodding, you should carry on reading this blog. If you aren’t nodding, you should continue reading anyway because it’s quite likely that at some point you will start running parts of your business through your phone.
Since 2018, there has been a dramatic year on year increase in cyber-attacks on smart phones. It makes sense for cybercriminals to attack something that many of us consider to be untouchable. Combine the perceived unhackability of smart phones with the fact that they are used to download apps and that in 2020 68.1% of all website visits came from mobile devices, and you have a gold mine for cybercriminals.
It’s important that we start taking the security of our phones & tablets seriously and that includes any employees who also use their phones for business too.
Create policies about phone use
Any business that uses mobile phones should have policies related to security and usage in place and staff should sign and agree to them. The policies should include procedures for reporting lost or stolen phones (this should cover devices that are issued by the business and those that are personally owned), and agreements that updates are installed as soon as they become available.
Wherever possible team members should also use biometric logins such as fingerprint or facial ID.
Educate your team
We advise that all businesses provide their teams with User Awareness Training but this is even more important when they are accessing data and information remotely. Making sure that they know and can recognise red flags is the first step in protecting your valuable company assets. For example, do they understand the dangers of accessing public unsecured Wi-Fi?
It is also important to regularly check that their knowledge is up to date. Our training system includes an integrated platform which can simulate attacks, enabling your team to learn in a safe and secure environment.
Wherever possible, we recommend that businesses that operate a BYOD policy make sure that any data on employee phones is encrypted. This significantly reduces the risk of any data on the device being intercepted and is another link in your armoury for keeping your data safe. You should also require all staff who are using their phones for business purposes to have a lockout policy set up on their devices. This protects against a brute force attack where a hacker will try multiple passwords to gain a login.
Mobile Device Management
Mobile Device Management (link) allows you to easily manage all the devices used within your business or organisation by using a centralised dashboard that remotely pushes policies and updates to devices via the Cloud. This ensures that not only are all the devices in your network running up to date software and apps, but also that your sensitive business data is secure.
LP Networks offer an impartial IT Consultancy Service providing businesses with advice and guidance on how to use technology efficiently and securely. If you’d like to chat to us, get in touch.