The statistics vary but around 80% of people use a personal mobile device at work. Many employees use personal mobile devices for work purposes whether their employer knows it or not. In this article, we take a brief look at the pros and cons of BYOD, and suggest nine actions you can take to safeguard your mobile devices.
BYOD (bring your own device) is the common acronym for the company sanctioned use of personal mobile devices. Adopting a BYOD policy can certainly be of benefit. Companies that favour BYOD make an average annual saving of £265 per employee. Typically, workers who use mobile devices save themselves an hour a day and are 34% more productive1. Nevertheless, BYOD does come with challenges.
Download a copy of our BYOD basics guide.
Security concerns are the main reason companies choose not to adopt BYOD. However, Cloud managed services such as Microsoft 365 can significantly reduce the risks. Microsoft 365 provides best-in-class Office apps, device management and advanced security.
Of course, no advanced technology in the world can stop a careless or uninformed employee opening a phishing email. Phishing is a type of online fraud whereby criminals attempt to lure unwary recipients of fake emails into clicking on bogus links in order to steal confidential data such as passwords. In fact, half of UK cyberattacks involve phishing emails2. Yet, many firms provide no security awareness training to staff. Of course, your staff can be your company’s biggest security asset rather than its weakest link.
Download our guide on promoting a culture of security awareness.
Nine actions to safeguard mobile security
Below you will find nine actions you can take to safeguard your mobile device security:
#1 Lock it
To prevent your smartphone or tablet being used by anyone else, lock it. You can set a password, PIN code or swipe pattern. Alternatively, use biometric information such as facial recognition or fingerprint to secure your device.
Encryption is a method of transforming valuable data into a secret code that only someone with the right key can access. Some apps routinely encrypt information while at rest and when in transit. This helps prevent hackers accessing your data even if they intercept it. For people with an Android device, you can enable encryption via Settings and then the Security tab. If you use an Apple iPhone, it encrypts all data automatically. Of course, encryption only works if you lock your device in the first place.
Hackers use malware to steal data such as passwords and account information from personal devices. To help safeguard your data invest in some anti-virus software. Typically, these applications examine anything you try to download or open on your device to make sure it is malware free. It is worth doing some research to find the best anti-virus app for your particular make and model of device. Many of the most popular anti-virus apps also come with a range of privacy and anti-theft features.
#4 Find My device
Over 1,220 mobile phones are stolen every day in the UK3. A staggering 34,000 mobiles were lost on London’s Underground train network last year4. Whether your device is lost or stolen, it is a major inconvenience and risks compromising your organisation’s data. Company-owned devices are usually protected by sophisticated mobile device management (MDM) software. Android and Apple provide ‘Find My’ device-tracking applications for personal use. These apps enable you to locate a lost or stolen mobile, stop anyone else using it and erase all data from the device, if necessary.
If your mobile is lost, stolen or irretrievably damaged then having automatic backup switched on will be a lifesaver. Once you have a replacement device you can simply reinstall your apps, settings and media. However, not all backups are created equal. Different manufacturers and service providers offer different types of backup service. If you use your personal mobile for work purposes, we recommend you examine the different backup solutions available to ensure you get the best one for your needs.
Deciding what apps to install on your mobile device is something of a judgement call. Some organisations produce whitelists of pre-approved apps they regard as suitable for work purposes. The fact that an app is available to download from a reputable app store is no guarantee that it is safe. In recent years, the Google Play Store and Apple iTunes have been caught hosting malicious apps that have subsequently infected millions of devices5.
Having downloaded a new app onto your mobile device, one of the first things you see during installation is the permissions screen. Typically, people agree to the app permissions without thinking. Permissions allow legitimate apps to function properly. However, permissions can also be used by malicious apps to by-pass security, harvest your data and take control of your device. It is always worth reading exactly what permissions a new app requires before installing it. If in doubt, don’t install the app. You can also review and change the permissions of apps already on your devices by going to Settings.
#8 Security updates
Cyber-security is an arms race between legitimate device manufactures and software developers and illegal hackers and malicious coders. The moment a new app launches, cyber-criminals will seek to exploit any vulnerabilities they can find in the code. Once a security vulnerability is found, the legitimate developer will quickly work to produce a patch or upgrade to fix the problem. You should always install the latest security patches, bug fixes and upgrades immediately. Backup your phone as a precaution before doing a major update.
#9 Avoid public WiFi
When working remotely it is always advisable to avoid using public WiFi services. Data carried over a public network is not secure and is easily intercepted by hackers. Instead, use your organisation’s VPN (virtual private network). VPN enables you to communicate and share data securely. If VPN is not available then use your smartphone’s SIM data connection. Whenever you do not need Internet access, switch your smartphone to Airplane mode, which will disable your WiFi, Bluetooth and SIM mobile data connection.
Learn more about mobile security
Many organisations benefit from BYOD, enjoying reduced costs and increased productivity. However, BYOD comes with security risks. If you would like to know more about BYOD, Microsoft 365, mobile device management or security awareness training – contact Modern Networks.