Show:
6 Phone Security Best Practices That All Business Should Follow
Phones are a major point of vulnerability for modern businesses, and so having policies in place to make sure they can be used safely is imperative.
There are a number of best practices which are tried and tested when it comes to secure mobile device management in the workplace, so here are just a few that must be followed to the letter.
Use a platform to streamline and centralize control
There are lots of compelling solutions for mobile device management available on the market today, so there’s no excuse for steering clear of them.
The right platform can unify how you handle your bring-your-own-device policies, and ensure that everyone’s on the same page no matter what configuration and combination of practices you decide to adhere to.
What if an employee’s mobile phone is hacked?
You should plan for worst case scenarios, rather than hoping that your security measures will be sufficient to protect you from hacks indefinitely.
Learning how to fix a hacked phone ahead of time, rather than only taking action after a breach has already been reported, is sensible.
Training employees on the signs of a compromised device, such as one which has a fast-draining battery, exhibits performance issues, or has inexplicably high data usage, is also wise.
Require the use of password-protected lock screens
The lock screen is often the only thing standing between a would-be hacker and access to all of the valuable, sensitive data a modern mobile contains. So insisting that employees use password or PIN protection is a must.
You can go above and beyond basic login details, of course, such as by setting a minimum number of alphanumeric characters or numbers for the code that is higher than typically used, and thus more secure.
You should also dissuade the use of unsecure, guessable passwords, which are still far too common in many working environments today.
An additional step of deploying multifactor authentication may be necessary, depending on the sensitivity of the services that mobile users can have access to. This means combining a password or PIN with another way to prove the identity of the user, such as an SMS including a single-use code to initiate a given session.
Install updates whenever they are made available
While some mobile phone updates add new features, functions and aesthetic items, more often than not they are necessitated to patch some new security vulnerability that’s been unearthed.
Because of this, if a device is left with an older version of the software installed, it is even more of a weak point.
Having a policy of installing updates immediately, whether on business-owned devices or on personal handsets, will protect you from this scenario. And given the tech challenges that small businesses face, dealing with this can remove one more problem from your plate.
Ensure data can be deleted remotely
Mobile phones going missing or being snatched by criminals is a fact of life. You need to be prepared for it, and being able to remotely erase all information from a handset is the ideal answer.
All modern phones have this ability, you just need to ensure that you and your employees know how to initiate this, and that you also understand that this is a necessity and not just a last resort.
Document everything unambiguously
Finally, don’t skimp on the documentation of your phone security policies and best practices. You need to cover everything you decide clearly and in a way that all team members can understand, so there’s no space for misunderstandings or the mistakes that come with them.
And if employees have ideas about how to make your phone use even more secure, be sure to listen to them!