The “Bring Your Own Device” (BYOD) trend has helped many businesses increase productivity while lowering cost and increasing efficiency. But it's also brought security risks - here are 4 good ways to improve your security game!
There's no question that the rise in mobile device usage has increased security risks, giving cyber criminals a great opportunity to obtain your company’s sensitive data.
According to the Mobile Security Index 2018 published by Verizon, 32% of organizations surveyed admitted to sacrificing mobile security to improve business performance.
In addition, only 14% of companies had implemented the most basic cyber security practices!
Even if your company doesn’t have a formal BYOD program, employees are likely accessing company data and communications via their own devices.
It’s therefore imperative that you have the right kind of support and policy in place to ensure that sensitive information is protected from malicious hackers.
Here’s how to improve the mobile security of your organization:
1. Protect the Devices
Keep track of all the devices that have access to enterprise content and services (e.g., email) with an authentication and registration process.
Establish enterprise criteria for device security, such as complex passcode, biometric-based authentication, multi-factor authentication, specific OS-level security, privacy settings, and device data encryption.
Employees should follow endpoint security best practices at all times, such as ensuring that all software patches are up-to-date, disabling ports that aren’t in use, and becoming familiar with the incidence response plan.
2. Secure Content and Collaboration
To protect sensitive information, make sure it’s encrypted and tracked at all times. Measures should be put in place to protect content that’s accessed from and stored on employees’ mobile devices.
Besides work email and associated attachments, you also need to protect access to unstructured data on enterprise content repositories (e.g., Sharepoint, Documentum) and cloud storage services (e.g., Dropbox.).
Implement selective enterprise content wipe, which allows IT to remove any business content and profile settings on a device if it’s lost or stolen.
In addition, apply restrictions on how business content can be shared using non-enterprise applications (such as consumer email or social networking apps.)
3. Establish a Security Policy
You should have a mobile security policy in place to clearly communicate the security protocol to all employees.
The policy should make sure that employees are using supported devices and OS, following passcodes best practices, using multi-factor authentication to access enterprise content, downloading and using only whitelisted apps, and practicing minimum security requirements (e.g., encryption, lock screen.)
In addition, specify the consequences for any violation of the policy so employees will take it seriously.
4. Provide Training For Employees
Your mobile security protocol and policy is only as good as how well it’s enforced and followed.
Security training should be part of the new hire onboarding process to make sure everyone is familiar with the mobile security policy from day one.
In addition, hold periodic training sessions to promote awareness, make sure all employees are up-to-date with the latest security risks, and what they can do to stay safe.
Ensure that employees have access to the BYOD policy (e.g., by posting it on the company intranet) and obtain a signed consent from those participating in the BYOD program.
BYOD helps employees become more productive and allows companies to lower costs while increasing efficiencies.
By following the proper cyber security protocol, you’ll be able to take advantage of mobile technologies without worrying about compromising your company’s sensitive information.
If you're overwhelmed by what to do first and how to do it, you might want to reach out to a qualified third party who offers IT consulting services, and who can help you create a plan and train employees.
Want to learn more on your own about protecting your devices and about cyber security as a whole? Download our Cybersecurity Guide.