Mobile security, do I need it?
We’ve outlined what it is and what you can do to up your device security.
Unless you are new to computers and the IT world, I am certain you would have heard anti-virus protection. Especially it’s importance for protecting your business (if you haven’t heard… it’s extremely important). Yet with more devices being used for business purposes, advanced mobile security isn’t being thought about.
Why? The answer is simple, not everyone needs it. If every mobile device was loaded with high level protection software scanning every app, message and file. It would be useless for individuals using it for basic texting and calling – albeit for business purposes – as it would take up memory and generally slow down the device.
However, with more and more companies having employees who work remotely or want more portable equipment to use on the go, we are predicting a big rise in mobile security and protection software. This is where emails, messages and documents could be exposed, and your company data breached.
Previously, we’ve talked about the Internet of Things and physical device usage could be a great step for your business, so protecting these devices should be a necessary step.
Do I have to have it?
No, it isn’t a mandatory requirement as primarily mobile phones aren’t used for handling or producing business files – invoicing, payroll etc. like a company PC would.
However, it doesn’t mean messages with sensitive data aren’t sent using these devices. Consider the communications that happen within your network – employees to employees, current customers and potential business contacts.
Alarmingly, it means if the device is lost or stolen that company data could be leaked.
What could be dangerous to my device?
Just like a PC, there are forms of malware, trojans and adware which can infect your device. These are generally results of downloading unsafe or fragile application packages that are not approved through a certified app store.
Thankfully app stores like Apple and Google, put new apps through security tests to ensure protection for users.
Be that as it may, there are still risks out there. To examine this further, Digital trends interviewed Andreas Marx from AV-Test. Where he explained about the rise in dangers for Android devices:
“At the time you first contacted me back in August 2012, we counted around 85,000 known malware samples for the Android platform. As of today (2-14-2015), we’re receiving the same amount of samples within just 2 weeks.”
What is worrying is that since 2012, there doesn’t seem to have been a general improvement in the public eye. Bigger mobile networks aren’t advertising anti-virus software for mobile devices. There isn’t any promotion or talk about security alongside the news about 5G networks.
Wandera.com also undertook research into what types of viruses were currently infecting devices:
‘According to our research, the number of malicious malware installation packages found striking mobile devices more than tripled in 2016, resulting in almost 40 million attacks globally’
Their research revealed that downloaded applications, advertising, scams and direct to device methods were the most popular routes to corrupt users.
What security steps should I take then?
Physical device security
It may seem like a silly thought, but it’s still a realistic threat. In 2016 a Ponemon study, detailed that 35% of employees had no device protection in place to protect company data.
Further in the report they also revealed that nearly half of those surveyed said they had no password, PIN, or biometric security steps in place for their device.
The steps here are clear. When business devices are purchased and assigned to your workforce, make sure a unique pin and password is assigned to the device. With another factor of authentication be included as well (fingerprint, facial recognition, or email verification)
Alongside this, it would be a good idea to get a secure password vault for your company. This is a sensible back-up option, as well as a great way to automatically generate secure passwords for future accounts.
Remote wipe is a security feature that allows a network administrator or device owner to send a command to a stolen or vulnerable device to delete data.
This could be a lifesaving option if a device is stolen or falls into the wrong hands. But there are some implications you should be aware of.
The device must be on and connected to a network
As “wipe” is a command that is sent to the device, it must be turned on and connected to a network to receive the protocol.
If a device does go missing, alert your IT team as soon as possible. As the window for wiping the device could be very small – depending on the battery, hardware etc.
Adjust the level of wiping
The brilliant advantage of remote wipe is that there is a variety of options to install. For instance, if the device was being used by a former employee. There is an option for an “enterprise wipe” which ensures the applications and data relevant to your company, remain on the device.
Mobile Anti-Virus and software
Although it isn’t as popular as PC protection, anti-virus software for mobile devices does exist. There’s a host of free applications that will scan and detect changes to your apps and alert you when dangers arise. Simple but effective!
Unfortunately, they won’t solve the issue if your device is infected by malicious malware. If you are thinking about mobile security and want to see what the free offerings are, TechRadar have compiled a list of anti-virus packages they have tested.
Take on board of the steps we’ve outlined for device security. As they could be the factor between vital information being exposed and protected.
If you’re looking to learn more about how to protect your IT network, or general advice about how improve your IT infrastructure – Get in contact with us on 02920 887 362 or send us an email at email@example.com