After two years of working remotely, employees are starting to slowly return to the office.  Some companies are introducing a hybrid model and others are still keeping employees completely remote.  This means that we'll be continuing to use our personal mobile devices to access company data - a big security risk which is often overlooked!

1. Make Sure User Authentication Is On

It's so easy for laptops, tablets and smartphones to get lost or stolen.  This leaves a huge risk of our data being accessed.

The first thing you need to do is make sure all your devices have a screen lock turned on, and that they require a password or PIN to gain entry. 

Most devices have Face ID and Touch ID, which makes access easier, but not more secure.

Make sure ALL your devices are protected by making sure you are whom you say you are.

2. Update Your Operating Systems (OS) On A Regular Basis

The risk of using outdated software puts you at an even higher risk of getting hacked!  Apple, Google and Microsoft are constantly providing security updates to stay ahead of security vulnerabilities.  I know they can be a bit annoying at times but it is not something to shy away from!

Don't ignore those alerts to upgrade your laptop, tablet or smartphone.  Make sure you have automatic software updates turned on by default on your mobile devices. Regularly updating your operating system ensures you have the latest security configurations available!

When it comes to your laptop, your IT department or your IT services provider should be pushing your appropriate software updates on a regular basis.

Make sure to hit "restart" otherwise it won't do you much good!

3. Say No To Public Wi-Fi

Although it's very tempting to use that free Wi-Fi at the coffee shop, hair salon or airport or hotel lobby we recommend steering clear.

Any time you connect to another organization’s network, you’re increasing your risk of exposure to malware and hackers.  Accessing valuable information such as credit card numbers, bank account numbers, passwords and other private data can become easy for veteran hackers.

Interestingly, although public Wi-Fi and Bluetooth are a huge security gap and most of us (91%) know it, 89% of us choose to ignore it!

4. Download A Password Manager

Passwords are not disappearing any time soon, and most of us find them hard to remember. Especially when you have multiple passwords for various devices and programs.  Not to mention, we're also asked to change them frequently which makes the whole process even more painful.

Enter the password manager, which you can think of as a "book of passwords" locked by a master key that only you know.

They store passwords and generate strong, unique passwords that save you from using your cat's name or child's birthday...over and over.

Although Microsoft has enabled password removal on their Microsoft 365 accounts, we're still a long way from being rid of them forever!

It is also important that you pair your password manager with Multi-Factor Authentication (MFA, also known as 2FA) which is critical to protecting your online applications and services. Error Message

5. Remote Lock and Data Wipe

Bring Your Own Device (BYOD) policy should be implemented in every business.  This includes a strict remote lock and data wipe policy.

Under this policy, whenever a mobile device is believed to be stolen or lost, the business has the ability to protect the lost data by remotely wiping the device or, at a minimum, locking access.

Where this gets messy is that you're essentially giving the business permission to delete all personal data as well, as typically in a BYOD situation the employee is using the device for both work and play.

6. Cloud Security and Data Backup

All of your public cloud-based apps and services are also being accessed by employee-owned mobile devices, increasing your risk.

Back up your cloud data! Should your device be lost or stolen, you'll still want to be able to quickly access any data that might have been compromised.

Select a cloud platform that maintains a version history of your files and that allows you to roll back to those earlier versions, at least for the past 30 days.

Google’s G Suite, Microsoft Office 365, and Dropbox all support this.

After 30 days deleted files or earlier versions are gone for good.

You can safeguard against this by investing in a cloud-to-cloud backup solution, which will back up your data for a relatively small fee each month. 

7. Understand and Utilize Mobile Device Management (MDM) and Mobile Application Management (MAM)

Mobile security has become a hot topic in the IT world. How do we allow users to access the data they need remotely while also keeping that data safe from whatever is lurking around on these potentially unprotected devices?

The solution is Mobile Device Management (MDM) and Mobile Application Management (MAM).

Mobile Device Management is the configuration, monitoring, and management of the personal devices your employees use, such as phones, tablets, and laptops.

Mobile Application Management is the configuration, monitoring, and management of the applications on those mobile devices. This includes things like Microsoft 365 and authenticator apps.

Working together, MDM and MAM can become a powerful security solution, preventing unauthorized devices from accessing your company network of applications and data.

It is important to note that both of these solutions should be sourced, implemented and managed by IT experts that are familiar with mobile security. 

Worried about your organization's mobile cybersecurity? Sign up for your Complimentary Business Systems Assessment today!