01 Feb Smartphone Security – The Basics
Smartphone security often comes a poor second to other areas of IT security. But they are just as vital to secure, as with all devices which store and transmit important information, they’re vulnerable to hackers and damage, loss and theft. If your work phone is synchronised with internal office systems, the risk is greater still.
When the US security firm Checkpoint Software interviewed more than 700 businesses for their 2015 report they found that 42% of interviewees had encountered mobile security incidents, which cost more than $250,000 each to fix.
We’ve collated the list of expert, yet basic tips to help you secure smartphones used by your employees.
24 security tips for business smartphones
- Keep a comprehensive log of the phones given to your employees for work, and ensure that phone retrieval/wiping is part of your staff termination procedures
- Set in place a formal business phone use protocol, with safety and security at its heart, and train staff in how to keep their phone secure both inside and outside of work
- Choose a phone with the proven security and anti-theft features
- Enforce use of lock codes – we’d recommend 6 digits as a minimum length, with a lock-out featurte
- Switch on ‘Do Not Track’ in your mobile web browser to stop websites from collecting your data
- Block your phone number to stop businesses harvesting it and potentially selling the data on
- Use a service such as Google Voice to block incoming callers who are not in your phone book
- Learn how to recognise spam calls that could result in your number being sold to marketing companies. A caller ID solution is a good tool
- Use a recovery app to find phones if they are lost or stolen – they can find devices via their GPS location
- Log completely out of any websites you visit via the phone, particularly important if you use your business phone to buy items online
- Enable all the phone’s security features and tools, and update them as soon as updates become available
- Add contact information to your device so if someone finds it, they can return it to you
- Only download apps from stores you know for sure you can trust, like the Apple or Google store, and avoid third party app stores at all costs. They’re notorious for spreading viruses and malware
- Only download the apps you actually need for business
- Keep your personal and work phones totally separate, with no cross-over of data or contacts
- Back up your data regularly, ideally onto the cloud
- Keep your operating system updated to the latest versions
- When you’re not using the phone, turn WiFi and Bluetooth off.
- Reject unsolicited texts and emails – ideally, don’t even open them
- Consider encrypting all traffic with a VPN service
- Never leave a mobile unattended
- Don’t use unsecured WiFi networks
- Keep the phone locked when not in use; use autolock after a set amount of time
- Encrypt sensitive information
Finally, as technologies and the threats to them are always evolving, regular mobile security reviews are necessary to ensure your staff are fully aware of any new threats and know exactly how to avoid current threats.