Industry Insights

Combatting Mobile Device Insecurity

Posted by Susan Sison on Mar 10, 2017 9:00:13 AM

Mobile devices are everywhere in business. Employees bring their tablets, smartphones and laptops to work and connect them to company wi-fi. They access sensitive company data from the unsecured wi-fi network at Starbucks; and use their own, unsanctioned productivity apps to do business with the corporate credit card.

While that company mobile is in a coffee shop, a hacker can within 30 seconds mirror that device and copy everything from it, or install malware that allows a thief to browse it — and your company data — at leisure. Or, it could just be stolen, and getting past a four-digit password is trivial for a practiced hacker.

The shear number of mobile devices being used for work has increased productivity for the enterprise and headaches for IT. With more mobile users bypassing corporate perimeter security to upload everything from customer data, email and even viruses straight to the cloud, more companies need to take more proactive steps to shore up mobile device security.

Mobile Device Security Steps

  1. Enact a mobile usage policy. Be clear about what is and what isn’t acceptable use of mobile devices for work. Provide guidelines on how to access email after business hours, what data is allowed on a device, and what services are appropriate to access at work (file sharing services, for example) and what are not (Online betting sites? Dating networks?).

  2. Keep it simple. When onboarding employees, make sure that with the basics, HR also provides instructions on how to connect devices to company systems. Making the process easy, consistent and easily available will help you nurture security advocates who contribute to the protection of the entire enterprise.

  3. Help employees be secure with mobile. Requiring a password of at least four (six is better) characters is a minimum. What you should do is take action should the device be missing: Ensure the screen locks if unused for five minutes, and encrypt the device to minimize the risk of data compromise if the device has been stolen. Get the rights to wipe employee-owned devices when necessary, or at least selectively wipe company data.

  4. Make data backup easy. Employees accustomed to automatic data backups of office PCs may not buy into rules governing the backup of devices that are always with them. Consider how you’ll backup data automatically, what data you want to backup and encrypt, and even if you want to block a device from sending you data if you think it has been compromised.

  5. Get a mobile device management (MDM) platform. Choose a solution based on the kind of devices you’re protecting (Laptops? Cell phones? Tablets? Wearables?) as well as what you’re protecting. If you need to secure data from a phone that’s missing, you’ll need a more basic MDM than one built for end-to-end protection. And your needs may be greater; so do get advice on systems that will match your needs for multi-factor authentication or conditional access to data.

These are, again, the basics in mobile device security, but know that even when phones and laptops are secure, threats will still get through. NCA can help you block and mitigate mobile threats with a collaborative, security fabric platform that delivers layers of protection by integrating best-in-class security technology and real-time intelligence. Contact us.

Subscribe to Email Updates

Posts by Topic

    

Delivering Technology Delight

5 Ways NCA Delivers Delight:

  1. We start with Integrity.
    Simply put: We do what we say we are going to do and we do right by you.
  2. We transfer what we know to you.
    With our exposure to more than 200 networks per week, our collective experience is your advantage. We draw on our continuously expanding knowledge to accelerate the advice we offer you and enhance the resulting road map intended to improve all aspects of your business.
  3. We spot trends.
    We are always looking ahead to spot trends instead of chasing them. As the earliest adopters of several innovations, we will help you capitalize on technology trends to put you one step ahead of your competition.
  4. We know your risk.
    Our ISO 27001 Certification and high-profile client relationships have given us the experience to assess and migrate your risk, so the right people have access to the information that matter most to your business.
  5. We are the "X" factor in your business.
    Working with multiple vendors can be as demanding as keeping up with evolving technology. We tackle vendor roadblocks and relationships for you, so you can put your effort where it counts for you: running your business. Trust NCA to use our industry and vendor experience to help you make the best decision.