Mobile devices have become digital extensions of the human body. People do not leave home without their mobile device and are constantly checking their various feeds for the most up-to-date information, whether for productivity or consumption. Steps should be taken to protect the sensitive data on your device even when you always have it on you. This is particularly true for mobile devices meant strictly for professional business use which can contain sensitive information.
The following steps can help mitigate the chances of a data breach via mobile device and subsequent claim against you and your firm.
Passcode Protection
All corporate owned cell phones should have strong passwords enabled to prevent easy access to information in case a phone is lost or misplaced. This includes passwords to access the phone itself as well as passwords to access individual applications. Do not rely solely on biometric authentication such as fingerprint readers or facial recognition while leaving traditional text/numeric passwords out of date or easy to guess. For more information password management, check out our post The Art of Efficient Password Management – Purves Redmond Limited.
Encryption of Encoded Data
Ensuring end-to-end encryption is enabled on your mobile device and individual applications (email, SMS, etc.) will hide data from hackers and lessen exposure to a data breach. The option to encrypt an application should be found in your mobile device settings or ask your firm’s IT department how to turn on this setting to protect your sensitive data.
Auto Lock
Your corporate owned device should be set to automatically lock after 10 minutes (or less) of inactivity. This is particularly important if you are working in a traffic public space, such as a café or airport lounge.
Corporate Owned Devices vs “BYOD”
Firms should encourage everyone to use a corporate owned device rather than a Bring Your Own Device (BYOD) program. Devices that are corporate owned can be configured to ensure defensive software/technology is on the device, whereas BYOD has no guarantee of protection.
Strict Separation of Use
Firms should encourage strict separation between corporate and personal owned device activity. Personal email, web browsing, and social media should be done on a personal device. Some firms may choose to block certain applications or only allow downloads from trusted applications onto a corporate owned device to mitigate the chance of a data breach.
For more information on how to protect data on your mobile device, contact:
Chris de Sousa Costa, MBA // 647.242.7469 // cdesousacosta@purvesredmond.com
Works Cited
Stouffer, C. (2022, September 2). 115 Cybersecurity Statistics & Trends to know in 2023. Retrieved from Norton: https://us.norton.com/blog/emerging-threats/cybersecurity-statistics