Mobile devices and modern work practices are a match made in heaven. By 2024, nearly 60 percent of the US workforce is expected to be comprised of mobile workers, who rely on smartphones and tablets to complete their assigned tasks and workflows.
Since even average mobile devices are now basically highly portable computers with more processing power than most desktop and laptop computers boasted just a decade ago, they go a long way in making their users more productive and connected.
Unfortunately, mobile devices also expose end-users and the organizations they work for to a host of mobile security challenges, many of which mirror those associated with traditional desktops and laptops. The following top five mobile device security best practices can help you address them to better protect your mobile devices in 2022.
Download
DoD Contractor’s Guide to CMMC 2.0 Compliance
1. Practice Timely Patching
The mobile industry is moving forward at a fast pace, with most manufacturers releasing new devices every year. The software smartphones and tablets run on and the apps users install on them are also evolving to take advantage of improved hardware capabilities.
All this relentless progress doesn’t leave much room for in-depth optimization, which is why headlines about mobile device vulnerabilities are so common. For example, in 2020, Check Point Research discovered over 400 vulnerabilities in one of Qualcomm Technologies’ most-used DSP chips, found in 40 percent of mobile devices.
Mobile vulnerabilities can be (and commonly are) exploited by cybercriminals to execute malicious code or extract sensitive data, so it’s paramount to patch them as soon as possible by installing all available mobile operating system and app patches.
Because employees often postpone the installation of available patches to avoid being interrupted while working, your organization should enable automatic updates on all mobile devices and have remote vulnerability assessment capacities, such as those provided by Microsoft Defender for Endpoint.
2. Encrypt & Automatically Lock All Devices
According to a report from Snow Software, 30 percent of employees have lost a work device while on vacation.
What’s even more worrying is that only 49 percent contacted their company when a work device was lost or stolen.
The cost of replacing lost or stolen mobile device is the least organizations that experience this unfortunate problem have to worry about. A much bigger problem is that sensitive data, access credentials, and private communications can fall into the wrong hands.
To prevent this from happening, device encryption should be enabled on all smartphones and tablets to make data unreadable without the correct password. For device encryption to be as effective as possible, access to mobile devices should be restricted by requiring users to authenticate themselves before every single use of their devices.
Most devices today support multiple authentication methods, including a PIN, pattern, password, facial recognition, or fingerprint, so employees can choose the one they’re most comfortable with.
3. Gain Remote Control Capabilities
The actual users of the mobile devices that connect to your network should always be your first line of defense, so it’s critical to regularly provide them with security awareness training.
But even well-trained employees who understand the importance of timely patching, device encryption, authentication, and other best practices can make mistakes and expose themselves to dangerous mobile threats.
Mobile device management (MDM) can add another useful layer of defense by allowing IT administrators to remotely control, secure, and enforce policies on all mobile devices within your organization. For example, administrators can minimize the risk of a data breach by remotely locking or even wiping devices that employees report as missing or stolen.
MDM goes hand in hand with Mobile Application Management (MAM), which extends remote control capabilities to the complete lifecycle of every app used in an organization, making it possible to silently install, update, or delete apps, enforce app settings and app-specific policies, and more.
4. Back Up Devices to the Cloud
Most organizations today are aware of the importance of backups, and even SMBs often follow ransomware-proof backup strategies like the 3-2-1 backup strategy, which helps recover from data loss incidents by keeping three copies of all important data, stored on two different media, with one copy kept off-site.
However, the same organizations sometimes forget to extend the backup strategies that protect their servers, desktop computers, and laptops to mobile devices.
That’s a huge issue because mobile devices are not immune to data loss. Common causes of mobile data loss include physical damage, device theft, mobile malware, accidental deletion, and faulty app and OS updates.
Cloud backup solutions like Microsoft OneDrive, Google Drive, or Dropbox represent what’s arguably the easiest and most bullet-proof backup method for mobile devices. By keeping data in the cloud, accessible from any device, they also reduce the friction associated with transitioning from working on mobile devices to desktop computers and laptops.
5. Avoid Unsecured Networks
One of the biggest advantages of mobile devices is the fact that they can connect to the internet from virtually anywhere via cellular data. But because cellular internet speeds still often leave a lot to be desired (not to mention how many carriers impose strict cellular data caps), mobile workers regularly rely on public Wi-Fi networks when traveling.
Cybercriminals know this, and they’ve been setting up malicious Wi-Fi hotspots in public places for years. “Hackers can easily set up malicious hotspots which appear to be legitimate and yet can intercept and record people’s personal data,” said Paul Lipman, CEO at BullGuard, which commissioned a study of free public WiFi use. “This allows them to steal usernames, passwords, credit card details, bank account information and more.”
Since it can be very difficult for regular employees to tell apart legitimate and illegitimate Wi-Fi hotspots, it’s best for them to always use a Virtual Private Network (VPN) to send all traffic through an encrypted tunnel. Even though a VPN makes it technically possible to use even an unsecured network without much risk, such networks should still be avoided as much as possible.
To limit the potential for access by hackers, it’s also a good idea to keep the Bluetooth interface disabled until it’s actually needed.
Conclusion – Mobile Device Security
Mobile devices represent an important part of most employees’ daily workflows, but they also give cybercriminals many new opportunities to gain access to protected networks and sensitive data.
The five mobile device security best practices described in this article are all easy to implement, and they can greatly reduce the risk of your organization experiencing a mobile-related cybersecurity incident.
If you would like more information about them or assistance with their implementation, then don’t hesitate and schedule a meeting with us.