Securing computers, networks and systems should be high on the priority list for small and large organizations. As companies try to expand their mobility and establish stronger customer relationships across a variety of channels and mediums, the need to secure these multipurpose mobile devices and platforms becomes more apparent and significant. The sensitivity of customer, business and personal information demands robust organizational polices and vigilant attitude towards mobile security.
Why are most mobile devices targeted?
Mobile security has not progressed as fast as smartphone adoption and use, making it a vulnerable area for attacks. Rapid progress in the mobile industry and introduction of apps, rooted phones (e.g. jailbreaking an iPhone), and cloud services has made mobile phones particularly vulnerable.
Your mobile devices may contain significantly more data than your computer. In most cases, they hold personal sensitive data (name, age, passwords, addresses, etc.) as well as corporate data such as bank details or client files. Additionally, many mobile devices require full or limited access to your organization’s network. These points make your mobile phone a valuable target for hackers.
For example, while hackers can only attempt a phishing attack through email on your computer, hackers can phish you through emails, texts, and calls to your mobile phone. Additionally, apps have given hackers new ways to download malware straight on to your devices. While the official mobile app stores (Apple Store, Google Play Store) have controls in place to reduce malware on apps, some still get through and additional online downloadable apps can contain malware.
How to keep your devices more secure!
Here are several tips to get you going with basic mobile security and help establish a more proactive attitude towards mobile threats:
- Don’t download apps from unofficial app stores or from websites. If you must, be vigilant and use antivirus protection. Enable “Find My iPhone” or “Find my Android” to locate lost devices or wipe/lock them if stolen.
- Install anti-virus and security software ONLY from a well-known cybersecurity vendor.
- Consider the access/permissions you are giving an app and don’t install apps that ask for too much information.
- Regularly back up your phone.
- Always use an encryption application for protecting any sensitive information on your phone.
- Never open documents that you are not expecting, even if it looks like it’s from someone you know. Be suspicious of calls, emails, texts, etc. that ask for personal information such as user names and passwords. Make sure to enable two-factor authentication when available.
- Protect your devices with pin or password lock so that nobody can gain unauthorized access to your device when remains unattended. Keep in mind, fingerprint locks are safer than passwords.
- Keep your device always up-to-date with the latest security patches.
- Use VPNs when connecting to public Wi-Fi networks and do not trust public WiFi networks.
- For Android devices: ensure that you have already opted for Google Play Protect. Enable ‘Verify Apps’ feature from settings and keep “unknown sources” disabled while not using it.
Ask for help
It may seem like a lot to remember, but by using common sense and remaining thoughtful about your digital security, you’ll be able to avoid most threats and keep your business running smoothly. VEDC offers risk education courses from Travelers Insurance to business owners, and for more information on security best practices, you can find related workshops or contact us for additional info.
About the Author
George Nikolov and his staff have worked in the Information Technology field for over 15 years with a strong focus on business security and data reliability. Since 2015 they have worked to modernize VEDC’s systems and tools to better serve our small business clients.