Are your mobile devices secure?
Posted by Jez Nolan
Are your mobile devices secure? We all want to work more flexibly, where we want and when we want. To do this, devices need to be mobile. How many mobile devices do you have?
- Phones – at least one
- Smart watch, whether Android or iOS
- Anyone still got Google Glasses??
How many are used to access your company data and are your mobile devices secure?
All are tiny computers and all are susceptible to attack from others who want your data and/or your money. The closer these devices get to becoming full-blown PC/Macs and the more you are using them, the more susceptible they will become and the more they will be targeted. Let’s look at why.
As a society we all look to devices to help us become more productive and more efficient, we connect everything to everything else.
- We can already pay for goods and services using our watches and our phones.
- We talk to others on our phones, our laptops, tablets and watches. I’ve even seen Bluetooth gloves with microphones and speakers in, so you don’t have to take your phone out of your pocket in the winter.
- We consume data on every device we can connect to the internet. With 4G data prices coming down all the time and 5G on the near horizon, we will only increase.
- We expect to be able to see all our data on anything with a screen.
The problem is then the control of this data. What data is where? Where is it supposed to be and how does that differ from where it actually is? Where are there copies and different versions? Can you control it? Can you delete it if needed?
Malware already exists for Android and iOS devices and they are getting worse and more prevalent. It will only get harder and harder to not expose your devices to malware. Once on your device, it will either stop you getting to that data so you pay for the blockage to be removed, or your data is stolen and used by others.
Links in websites, even some trustworthy websites, are the most common way you are exposed. Following these links and agreeing to a download is the worst thing you can do, as that gives them permission to add the malware or virus to your device.
Protecting your devices
There are a number of ways to protect your devices and they vary dependent upon two things:
- Who owns the device, and
- What the device is used for
Let’s start with the simplest one.
Devices owned by the business
If you are providing mobile devices to your staff to help them work more effectively, you have complete control over them. Your mobile security policies are “the law” and so you can apply whatever you deem necessary.
1. Mobile Device management
Adding MDM to all devices gives you complete control over them. Our preferred vendor product is Microsoft Intune, but there are others on the market.
- If they are lost or stolen, you can quickly wipe all data on the devices and stop it falling into the wrong hands.
- Geofencing of data on devices allows you to control access to that data, based on location.
- You can get alerts if someone tries to bypass the controls, either by jailbreaking the phone or rooting around the controls.
- Remotely disconnecting a device is a great way to stop access to your network.
- If you have to wipe data, MDM will enable you to backup and restore data when needed.
- Enforcing password and other security policies is easy with MDM tools.
2. Owned by the user, with access to corporate systems
If you operate a Bring Your Own Device (BYOD) policy within your business, things get a little more complicated. As it is the member of staff’s device, you cannot enforce quite so much, but there is one choice they need to be given:
- Accept your need to be able to manage company data wherever that may be, or
- Use one of your company-owned mobile devices
In our opinion, it would be unreasonable for anyone to not accept one of these options.
Assuming they choose No.1, the most appropriate route for most business is the use of Mobile Application Management (MAM) software. MAM allows your IT department to control what happens only to certain applications on the device, instead of every aspect of the device’s management.
MAM software works by, effectively, sandboxing specific applications and the data they use. You could, for example, sandbox an email application that their corporate account is connected to. The user can still use that email account, but the IT department can control exactly what happens. Perhaps most importantly, they can then wipe that data if the need arises. Another way to look at it is being able to do most of what MDM allows, but only to the controlled applications.
3. Owned by the user, for personal use only
Not really within the remit of the work Ingenious does, but let’s quickly look at this.
As people use their phones for more and more, they will need more protection. Companies such as Malwarebytes have protection from viruses, malware and other nasties for both Android and iOS. Other major protection software providers can protect your mobile devices too, so we recommend you protect your phone. Just because it’s a personal phone doesn’t mean the data on there isn’t precious!
Of course, if you would like to discuss the best ways to protect your mobile estate, we are happy to talk more. Give us a call on 020 3745 6630 or click here and we will call you and ensure make your mobile devices secure.