“If your business allows employees to use mobile devices, particularly personal mobile devices, to access, store and use company data, then it’s critical that to have these seven security measures in place.”
There’s no doubt about it – the internet and mobile and cloud computing have made our lives easier and our businesses more productive, cost-effective and competitive. But make no mistake about it, the internet is also a breeding ground for thieves and predators, not to mention an enormous distraction and liability if not used properly. It is causing people to be casual, careless and flat-out stupid about their privacy in an increasingly litigious society where heavy fines and severe reputational damage can occur with one slip-up – which is why you cannot be casual or careless about introducing it to your organization.
If your business allows employees to use mobile devices, particularly personal mobile devices, to access, store and use company data, then it’s critical that to have these seven security measures in place.
No. 1 – Implement a mobile device policy.
This is particularly important if your employees are using their own personal devices to access company e-mail and data. If that employee leaves, does your policy allow erasing company data from their phone? If their phone is lost or stolen, are you permitted to remotely wipe the device – which would delete all of the employee’s photos, videos, texts, etc. – to ensure the business information, or your clients’ information, isn’t compromised? Further, if the data in your organization is highly sensitive, such as patient records, credit card information, financial information and the like, you may not be legally permitted to allow employees to access it on devices that are not secure. Without strong safeguards in place, employees may inadvertently “take work home.”
No. 2 – Require strong passwords and passcodes to lock mobile devices.
Passwords should be at least eight characters and contain lowercase and uppercase letters, symbols and at least one number. On a cell phone, requiring a passcode be entered will go a long way in preventing a stolen device from being compromised.
No. 3 – Require all mobile devices be encrypted.
Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that unlocks (decrypts) the data.
No. 4 – Implement remote wipe software for lost or stolen devices.
If you find a laptop was taken or a cell phone lost, “kill” or wipe soft ware will allow you to disable the device and erase any and all sensitive data remotely.
No. 5 – Backup remote devices.
If you implement Step 4, you’ll need to have a backup of everything you’re erasing. To that end, make sure you are backing up all mobile devices, including laptops, so you can quickly restore the data.
No. 6 – Don’t allow employees to download unauthorized software or files.
One of the fastest ways cyber-criminals access networks is by duping unsuspecting users to willfully download malicious soft – ware by embedding it within downloadable files, games or other “innocent” looking apps.
No. 7 – Keep your security software up-to-date.
Thousands of new threats are created daily, so it’s critical that you’re updating your mobile device’s security settings frequently. As an employer, it’s best to remotely monitor and manage your employees’ devices to ensure they are being updated, backed up and secured. Stephanie Kinsey