security
Mobile Security
Protect Your Business with Mobile Security
Security threats are relentless and coming from more areas. Learn about the Eight Key Wireless Mobility Security Trends. The Internet of Things (IoT) means that any device that can be connected to the internet or other devices will be connected and organizations will have to deal with an exponential rise in the number of endpoints that need to be secured.
The consequences of a breach can be disastrous with theft of corporate secrets, customer data and other material. Costs to identify breaches, strengthen security, respond to potential lawsuits from data exposed by cyber criminals and regulatory oversight are staggering. Enterprises must proactively respond with programs that combine automation and educational measures to avoid breaches.
While Telecom Expense Management (TEM) and Technology Expense Management don’t usually directly address security threats, Managed Mobility Services and many other areas that ETMA members deal with do have areas that relate to security. For example, IoT provides opportunities for the TEM and MMS market to help with efforts to manage procurement of devices, track inventory, ensure that retired devices are wiped clean, enforce corporate mobile policy, and report on network activity.
Best Practices for Mobile Security
MDM solutions can control, secure, manage and monitor all employee mobile devices. Below are eight best practices to help prevent threats from mobile devices:
- Ensure that devices do not use unsecured Wi-Fi networks to connect to the corporate network through public Wi-Fi hotspots. If necessary, use a VPN (Virtual Private Network) to secure your internet connection.
- Segregate the network used by personal devices from the corporate network and critical business data.
- Safeguard the corporate network with role-based device usage permissions and customizable access to corporate accounts. Where remote access is granted, require two factor authentification to connect to the corporate network.
- Prevent downloading unapproved apps from unreliable third-party sources and only allow downloads from trusted sources, such as a corporate store, the iOS App store, or Google Play.
- Detect and report high risk and non compliant devices Easily discover jail-broken and rooted devices within your organization’s network.
- In case of loss/theft, educate employees to report it quickly and have employees to geographically locate the device and wipe its data to ensure corporate data safety.
- Get employees to understand the dangers of “phishing” emails with links, “spearphish” personalized emails, or other dangerous e-mails sent to employees.
- Verify all phone calls before taking action that could expose network to hackers.
- Use Strong Passwords and Biometrics Ensure devices are protected with a strong password, PIN, or biometric authentication like fingerprint or facial recognition. This adds an additional layer of security to prevent unauthorized access.
10. Enable Two-Factor Authentication (2FA) Use 2FA for your accounts to add an extra step in the login process. This usually involves receiving a code on your mobile device that you must enter along with your password.
11. Keep Software Updated Insure that all device’s operating system and applications are regularly updated to the latest versions. These updates often include security patches that fix vulnerabilities.
12. Install Security Software Use reputable mobile security software that provides features like malware protection, anti-theft, and secure browsing.
13. Be Cautious with Apps: Download apps only from trusted sources like the Google Play Store or Apple App Store. Be wary of app permissions and avoid granting access to sensitive information unless absolutely necessary.
14. Use Encryption Enable encryption on your device to protect your data in case the device is lost or stolen. Most modern devices offer built-in encryption features.
15. Regularly Backup Data Ensure you have regular backups of your data either on the cloud or an external storage device. This helps in data recovery in case of a device loss or failure.
16. Be Aware of Phishing Be cautious of emails, messages, or links from unknown sources. Phishing attacks often use these methods to trick users into revealing personal information.
17. Remote Wipe Capability Ensure your device is set up with a remote wipe capability, which allows you to erase all data on your device if it is lost or stolen.
Implementation Tips
• Training and Awareness: Educate users on the importance of mobile security and how to recognize potential threats.
• Regular Audits: Conduct regular security audits and vulnerability assessments to identify and address potential security gaps.
• Policy Enforcement: Implement and enforce mobile security policies in your organization to ensure compliance and protection.
The list above is a starting point. Threats keep changing and ETMA members will expand its coverage of security as well.