Whether it’s a smart phone, tablet or laptop, mobile devices have become the constant companions of today’s employees and remote sellers. And this relationship has only been further cemented by the COVID-19 pandemic, which has thousands working from home or other remote locations.
From a productivity standpoint, this is a good thing. So many tasks that once kept employees tied to their desks are now doable from anywhere on flexible schedules. All this convenience, however, brings considerable risk.
Perhaps the most obvious threat to any company-owned mobile device is a data breach or theft. That could end a workday early, hamper productivity for days, and lead to considerable replacement hassles and expense. Indeed, given the current economy, thieves may be increasing their efforts to snatch easy-to-grab and easy-to-sell technological items.
Worse yet, a stolen or hacked mobile device means thieves and hackers could gain possession of sensitive, confidential data about your company, as well as its customers and employees.
Amateur criminals might look for credit card numbers to fraudulently buy goods and services. More sophisticated ones, however, may look for Social Security numbers or Employer Identification Numbers to commit identity theft.
There are a variety of ways that businesses can reinforce protections of their mobile devices. Here are five to consider as part of your Bring Your Own Device BYOD implementation plan, while working from home:
Having a wide variety of makes and models increases risk. Moving toward a standard product and operating system will allow you to address security issues across the board rather than dealing with multiple makes and their varying security challenges.
Make sure that your remote employees use “power-on” passwords — those that appear whenever a unit is turned on or comes out of sleep mode. In addition, configure devices to require a power-on password after 15 minutes of inactivity and to block access after a specified number of unsuccessful log-in attempts. Require regular password changes, too.
While working from home, don’t allow employees to store certain information, such as Social Security numbers, on their devices. If sensitive data must be transported, encrypt it. (That is, make the data unreadable using special coding.)
Employees are often tempted to mix personal information with business data on their portable devices. Issue a company policy forbidding or severely limiting this practice. Moreover, establish access limits on networks and social media.
Be sure your mobile devices have regularly and automatically updated security software to prevent unauthorized access, block spyware/adware and stop viruses. Consider retaining the right to execute a remote wipe of an asset’s memory if you believe it’s been stolen or hopelessly lost. Having a disaster recovery plan is also a good idea.
When assessing the costs associated with a mobile device, remember that it’s not only the value of the physical item that matters, but also the importance and sensitivity of the data stored on it. We can help your business implement an effective company device policy process for procuring and protecting all its technology, or an overall IT system improvement.