The devices we use most in the workplace have been undergoing a transition over the last several years. This is due to the fact that we have a workforce that’s more flexible and mobile than ever, as well as the advancement of mobile technology capabilities.
Many employees, especially Millennials, would rather access cloud services like email, messaging, and other work apps via a mobile device than on a PC workstation.
According to Microsoft, mobile devices now do 80% of the workload in businesses and make up 60% of the endpoints. Yet security for these devices has been severely lagging behind that of computers.
A recent 2021 report on mobile device security found that 53% of security and mobile management professionals say that they’ve experienced a security incident due to a compromised mobile device.
Several other troubling findings point to companies and users not paying enough attention to mobile device security. Some of these include:
- 31% of companies relaxed their app installation policies due to COVID-19.
- 49% of employees allow friends or family to use their work mobile device.
- 92% of companies aren’t taking any precautions to block the use of unsecured public Wi-Fi on company devices.
With the increase in mobile device use for business, there’s also been an increase in attacks that target mobile devices. Between Q3 and Q4 of 2020, mobile malware grew 118%.
Companies must take the safeguards necessary to protect mobile devices from being the source of major cybersecurity incidents.
Here are some of the protective strategies that companies need to have in place to improve mobile device security.
1. Require the Use of Business VPN
Mobile devices often connect to more than one Wi-Fi network throughout the day as they travel, and many of these are unsecured. For example, someone may stop by a coffee shop on the way to work, and their phone auto-connects to that public Wi-Fi while they’re there.
Public Wi-Fi is an open door for hackers to hang out on the same free network and use software to spy on the activity of others.
While you can’t go around and secure every Wi-Fi that an employee’s work device may be connecting to, you can secure all those connections by having employees use a virtual private network (VPN).
A VPN is a service that a business can sign up for. You add users to the plan, which allows employees to download and sign in to a VPN app on all their devices (computers and mobile devices). With the VPN app turned on, all their internet traffic is encrypted, ensuring security even when on public Wi-Fi.
2. Put Update/Patch Management in Place
Approximately 93% of devices running the Android operating system were found to be using an out-of-date OS version. When mobile devices are out of date, it leaves the device vulnerable to attacks.
Hackers often exploit found vulnerabilities in operating systems, firmware, and apps. Security patches for those vulnerabilities are one of the reasons that updates are issued and should be installed as soon as possible.
It’s important to have a way to ensure updates on employee devices used for work are installed promptly, so devices aren’t left at risk, which in turn leaves your network at risk.
3. Invest in a Mobile Device Management Tool
Here are a few questions that would cause any business owner to worry:
- Which employee devices have access to your customer or accounting data?
- What happens if an employee’s smartphone is stolen, and it’s signed into your company’s cloud storage account?
- Do all employee devices have anti-malware installed?
Unfortunately, far too many small business owners don’t know the answer to those questions. But they should.
A mobile device manager, such as Microsoft Intune in Microsoft 365 Business Premium, is designed to help companies stay on top of mobile device access to business data, even if employees are using their personal devices for work.
45% of UK businesses use a “bring your own device” (BYOD) policy.
Some of the remote features of a mobile device manager are:
- Grant or revoke access to business applications.
- Secure the “work side” of an employee device, while leaving the “personal side” private.
- Push through company apps and device updates automatically.
- Lock or wipe a lost or stolen device.
- Monitor device access to company cloud applications.
- Invoke security policies, such as “do not copy” on certain files.
- Secure cloud accounts by only allowing monitored devices to connect.
4. Mobile Antivirus/Anti-Malware
Mobile devices are not immune from being infected by viruses and malware. They can come through a phishing email or a malicious app that users innocently download.
All employee mobile devices used for work must have a reliable mobile antivirus/anti-malware installed that is kept properly updated to detect any potential threats right away.
Are Your Company Mobile Devices Properly Protected?
NMX IT Solutions can help your Thames Valley area business with a mobile device security strategy, including the adoption and setup of a mobile device manager.
Contact us today to schedule your consultation! Call 01628 232300 or reach out online.