Call me back

Do you have a BYOD policy at your company? It has become a very popular way for companies to keep hardware costs down and give people better workplace flexibility. Now employees can access the company data they need to get to work from anywhere, at any time. This is fantastic for increasing productivity and engendering true collaboration for teams. However, there is that pesky concern about security…

How easy is it for someone to hack a smart device? More importantly, what can be done to prevent it from happening?

2017 was the year of the cyberattack, but many IT professionals now expect mobile malware to take the spotlight as cybercriminals target companies through the individual’s smart device. As BYOD becomes an increasingly popular way of keeping everyone in the organisation connected, we need to start thinking about security in a different way. A combination of macro security and micro security is key, i.e. use enterprise-grade security solutions, but also keep individuals informed as to how to protect the devices they use.
Below are some practical ways you and your team can protect your smartphones so that sensitive company data stays secure.

Mobile security rule 1:
Lock that screen

We all love convenience. It’s why we have things such as same-day delivery, speed dial, instant coffee, microwaves, cruise mode, etc. We want to do what we need to do as effortlessly and efficiently as possible. Hence why so many people never think to customise their mobile screen lock feature. Unfortunately, we’re here to tell you that if your smartphone requires just a simple, smooth swipe to open, it was never locked it begin with. Is a pin code good enough? You can do better.

Head to the Settings application on your mobile phone and locate your Lock Screen/Security settings. Depending on whether you have iOS or Android you will have different options for customisation. If you are currently using a basic four-digit pin, using a pattern sequence is the next step up in security, but better than this is an alphanumeric password. The latest smartphones also give you the option of using biometrics to unlock your phone, i.e. fingerprint or facial recognition.

Mobile security rule 2:
Only use a Wi-Fi you trust

Before connecting to a Wi-Fi network, always ask yourself the question ‘‘Do I trust that this Wi-Fi is secure?’’ This is especially important for remote workers who could be working in all kinds of environments, from cafes to trains to their friend’s kitchen.
Cybercriminals can set up free networks mimicking the Wi-Fi of trusted brands. Therefore, if you are signing into a company’s Wi-Fi, take Starbucks for example, ask someone who works there if you have the right network. If you’re still unsure, you can download a VPN (Virtual Private Network) app which creates an encrypted ‘‘tunnel’’ for your online traffic.

Mobile security rule 3:
Your private messages should not be a free-for-all

When you put your mobile down and walk away, what happens when a notification comes through? On most smart devices the default notification setting means that new messages can be easily read, even when the screen is locked. This is very problematic if you are being sent password reset codes and other such sensitive information. In the Notifications settings of your smart device, you can choose for the message text to not be visible when the screen is locked. Don’t worry, you’ll still get the notification, just minus the preview giving away all the juicy details!

Mobile security rule 4:
Two-Factor Authentication (2FA)

At Unity, we are strong advocates of Two-Factor Authentication. Not only because it is a must for enterprise-grade security, but because it makes the sign-in process easier for legitimate users. The two-factor element refers to the use of two types of identification as a log-in. These usually consist of something the user knows – a password – something the user has – a mobile – and something the user is – a fingerprint. 2FA can be used on your lock screen, but many applications and services also give you the option to use it, prime examples being Facebook, Google and Bank of Ireland.

Mobile security rule 5:
Disable third-party downloads

If you are using iOS then downloading suspect third party applications is not really a concern for you because Apple does not support them. However, Android has left it up to the user’s discretion to decide which applications are safe and which are not. This gives the user more choice and it is good for competition, but if you do not know what you’re doing you could easily leave yourself open to getting hacked by malicious mobile malware.

You can read more about this topic in our blog, ‘‘Don’t put it off any longer – protect your smartphone from cyber attacks!’’ But if you do not have time for that, just open up your Settings application and check your App settings. Here you should find an option that says ‘’Unknown Sources’’. By disabling it you will be prevented from downloading from third party sources in the app store.

Mobile security rule 6:
Don’t put off setting up Find My Device/Find my iPhone

We all know it’s there, somewhere buried in our Settings. Find My Device and Find My iPhone is not only handy for the individual who may misplace their device, but it is essential for a company that has sensitive data on that device. Many BYOD policies include the right to wipe a device that has been stolen from afar, but this is only possible if this feature has been correctly set up.

Remember, knowledge is power! Keep everyone in your organisation up to speed with the latest in IT security with company-wide emails and training days while also ensuring you have the appropriate security software setup for your business.

Worried your enterprise’s IT security isn’t up to scratch? At Unity, we provide managed IT security services tailored to your specific needs. Get in contact with us today to discuss your options!