read

The 7 Mobile Device Security Best Practices You Should Know for 2024

By Margaret Concannon | January 3, 2024
Margaret is the Content Marketing Manager at Ntiva, and has been a marketer for managed services providers since 2013.
ntiva

Three years after the beginning of a global pandemic, one thing is for sure: remote work is here to stay. 

Remote work (by definition) could be working from home, it could be a hybrid work environment, or simply utilizing mobile devices to get your work done. Working remotely can add many benefits to a company’s bottom line, like increased employee productivity and job satisfaction and reduced need for unused office space.  

It also puts the employee and the company at greater risk of a security breach. 

Whether company business is being conducted on a laptop, Android or iPhone, or even a mobile tablet, working remotely increases the likelihood that employees will be conducting business on unsecured networks (like public Wi-Fi to check email) or unaware of the security risks in their working environment.

Protecting company data from these mobile threats require a few different tools and procedures than old-school cybersecurity practices that work great in a static, server-based environment.

 

Mobile Device Security Best Practices

We've compiled a short list of the 7 key practices we recommend you put in place to keep your mobile devices secure, which is more important than ever with the jaw-dropping rise in cybersecurity crimes, which keeps increasing day by day. 😔

<<Is your company data secure? Check out our Guide to Remote Work Security!>>

 

Table of Contents

1. Enable user authentication
2. Use a password manager
3. Always run updates
4. Avoid public wi-fi
5. Enable remote lock
6. Cloud backups
7. Use MDM/MAM

 

Mobile Device Security Best Practices

 

1. Turn User Authentication On

It's so easy for company laptops, tablets, and smartphones to get lost or stolen as we leave them in taxi cabs, restaurants, airplanes...the list goes on.

The first thing to do is to ensure that all your mobile user devices have the screen lock turned on and that they require a password or PIN to gain entry. There is a ton of valuable information on the device!

Most devices have biometric security options like Face ID and Touch ID, which definitely makes the device more accessible, but not necessarily more secure. That's why it is a good idea to take your mobile security practices a step further and implement a Multi-Factor Authentication (MFA, also known as two-factor authentication) policy for all end-users as an additional layer of security.

Regardless of which method you choose, ensure ALL your devices are protected by making sure you are who you say you are - and if you use passwords, be sure not to miss tip #2 below!

 

2. Use A Password Manager 

Let's be honest, passwords are not disappearing any time soon, and most of us find them cumbersome and hard to remember. We're also asked to change them frequently, which makes the whole process even more painful.

Enter the password manager, which you can think of as a "book of passwords" locked by a master key that only you know.

Not only do they store passwords, but they also generate strong, unique passwords that save you from using your cat's name or child's birthday...over and over.

Although Microsoft has enabled password removal on their Microsoft 365 accounts, we're still far from being rid of them forever! As long as we have sensitive data and corporate data to protect, passwords will be a critical security measure.

 

3. Update Your Operating Systems (OS) Regularly 

security for mobile devices

If you're using outdated software, your risk of getting hacked skyrockets. Vendors such as Apple (IOS), Google, and Microsoft constantly provide security updates to stay ahead of security vulnerabilities.

Don't ignore those alerts to upgrade your laptop, tablet, or smartphone. To help with this, ensure you have automatic software updates turned on by default on your mobile devices. Regularly updating your operating system ensures you have the latest security configurations available!

When it comes to your laptop, your IT department or your IT services provider should be pushing you appropriate software updates on a regular basis.

Be sure to take a moment to hit "restart"; otherwise, it won't do you much good!

Although it's very tempting to use that free Wi-Fi at the coffee shop, airport or hotel lobby - don't do it.

Any time you connect to another organization’s network, you’re increasing your risk of exposure to malware and hackers.

There are so many online videos and easily accessible tools that even a novice hacker can intercept traffic flowing over Wi-Fi, accessing valuable information such as credit card number, bank account numbers, passwords and other private data.

Interestingly, although public Wi-Fi and bluetooth are a huge security gap and most of us (91%) know it, 89% of us choose to ignore it.

 

4. Avoid Public Wi-Fi

Although it's very tempting to use that free Wi-Fi at the coffee shop, airport or hotel lobby - don't do it.

Any time you connect to another organization’s network, you’re increasing your risk of exposure to malware and hackers. There are so many online videos and easily accessible tools that even a novice hacker can intercept traffic flowing over Wi-Fi, accessing valuable information such as credit card number, bank account numbers, passwords, and other private data.

The only caveat here is...if you absolutely must use a public Wi-Fi network, make sure you are also using a VPN to encrypt your internet activity and make it unreadable to cyber criminals. But remember, even this tactic may not offer the cybersecurity protection you need to be truly secure when using public internet access.

Interesting but disturbing fact: although public Wi-Fi and Bluetooth are a considerable security gap and most of us (91%) know it, 89% of us ignore it. Choose to be in the minority here!

5. Remote Lock and Data Wipe

Every business should have a Bring Your Own Device (BYOD) policy that includes a strict remote lock and data wipe policy.

Under this policy, whenever a mobile device is believed to be stolen or lost, the business can protect the lost data by remotely wiping the device or, at minimum, locking access.

Where this gets a bit sticky is that you're essentially giving the business permission to delete all personal data as well, as typically in a BYOD situation the employee is using the device for both work and play.

BYOD Policy


Most IT security experts view remote lock and data wipe as a basic and necessary security caution, so employees should be educated and made aware of any such policy in advance.

 

6. Cloud Security and Data Backup

Keep in mind that your public cloud-based apps and services are also being accessed by employee-owned mobile devices, increasing your company’s risk of data loss.

That’s why, for starters, back up your cloud data! If your device is lost or stolen, you'll still want to be able to access any data that might have been compromised as quickly as possible.

Select a cloud platform that maintains a version history of your files and allows you to roll back to those earlier versions, at least for the past 30 days.

Google’s G Suite, Microsoft Office 365, and Dropbox support this.

Once those 30 days have elapsed, deleted files or earlier versions are gone for good.

You can safeguard against this by investing in a cloud-to-cloud backup solution, which will back up your data for a relatively nominal monthly fee. 

7. Understand and Utilize Mobile Device Management (MDM) and Mobile Application Management (MAM)

Mobile security has become the hottest topic in the IT world. How do we allow users to access the data they need remotely, while keeping that data safe from whatever lurks around on these potentially unprotected devices?

The solution is two-fold: Mobile Device Management (MDM) and Mobile Application Management (MAM).

Mobile Device Management is the configuration, monitoring, and management of your employees' personal devices, such as phones, tablets, and laptops.

Mobile Application Management is configuring, monitoring, and managing the applications on those mobile devices. This includes things like Microsoft 365 and authenticator apps.

When combined, MDM and MAM can become powerful security solutions, preventing unauthorized devices from accessing your company network of applications and data.

Note that both solutions should be sourced, implemented, and managed by IT experts - in-house or outsourced-familiar with mobile security. For example, you can look at this short case study on how we implemented Microsoft Intune MDM for a healthcare provider, including the details behind the implementation.

Implementing these 7 best practices for your employees and end-users, and enforcing strong mobile security policies, will go a long way to keeping your mobile device security in check.

Once you have these best practices under your belt, make sure you level up your mobile device security game by checking out our Guide to Remote Work Security!

 

New call-to-action

Tags: Mobility

You May Also Like These Articles