Mobile BYOD Security IT Best Practices

Mobile-BYOD-Security-Threats

Mobile BYOD security is always an issue for IT and security.  Going online increasingly means going mobile. “There’s an app for that” is the truth these days. Unfortunately, mobile device security brings the same set of concerns that full computer and cloud systems are battling – threats, hacking, and ransomware.

The biggest security threat to mobile devices that is not found in desktops or servers is that very mobility. In mid-2015, 2.1 million Americans reported their mobile phones lost or stolen according to Consumer Reports.  That’s a drop. Add tablets and the count is higher, but still less than what it has been. CR doesn’t try to say why the number of missing devices is down.

Mobile BYOD Security in the Work Environment

The ability to wipe data or lock down a smartphone was considered high end security. Apple led the pack in that kind of security, but even the vaunted iPhone was hacked. It’s probably easier than you think. “More than 86% of Apple iPhones in the world are apparently still vulnerable to a security flaw that allows a hacker to completely take over the device with just a text message, according to data from mobile and web analytics firm MixPanel,” said a report at Business Insider.

It does not matter if your work environment is BYOD or company-supplied. Once the mobile device is gone, expect it to be hacked.  Think a remote wipe of the mobile device is going to protect your information? It won’t. A quick google on “recover lost data from smartphone” turned up plenty of companies selling information-recovery software.

YouTube also has plenty of videos teaching people how to recover files from a smartphone. While these tutorials are aimed at helping someone find and restore “lost” photos or text messages, there’s not a real difference between a picture of someone’s kids at the park and a file with a client’s payment information. Data is data.

Some of these ideas are worth adding to your company’s mobile BYOD security policies.

  1. Lock it. Set a strong passcode or password on company-supplied devices. The more numbers used, the better. Get the IT staff to set passwords or codes. A lot of employees, if allowed to do it themselves, will choose something simple or something personal like a birthday for numbers or children’s names for passwords. For BYOD either limit access to sensitive information or have IT set strong codes for access to those files.
  2. Auto erase after failed unlocks. Restoring deleted data is cheaper than covering losses from a hack.
  3. No public charging stations. Viruses and malware at public charging stations have been around for years. CNBC said the problem is getting worse.  “Here is how it works: The cybercriminal needs to hide an HDMI [high-definition multimedia interface] splitter and recorder in the charging station. Most smartphones are now HDMI-enabled so you can share images from the phone onto a TV. Once plugged in, the station uses the built-in HDMI to record everything done on the smartphone without the user’s knowledge.”

None of these are guaranteed to stop a dedicated hacker when it comes to mobile device security.   But they will frustrate someone who stole the phone or tablet and hoped for an easy score. They can also create enough of a delay for you to lock out the device from your system and alert any customers whose information may be compromised.

Enable Stronger Mobile BYOD Security

The US Computer Emergency Readiness Team (CERT) says mobile hacks are steadily climbing. The report lists things to do to protect mobile devices.  CERT’s best security ideas are:

 

  • Don’t put sensitive information on mobile devices. May not be practical, but this is the best mobile BYOD security policy.
  • Limit the type and number of apps allowed on a mobile device. For a BYOD, this could be problematic. If you are in a BYOD environment, have the employee sign an agreement allowing the IT department to lock company information and restrict access to it.
  • Step up the basic access to the phone with longer pass codes and more complicated passwords.
  • Disable Bluetooth, infrared and Wi-Fi.

Mobile-BYOD-SecurityMobile may not be part of your company’s business model right now, but it is coming.  If you already have it, what are you doing to make things secure? What’s in your company’s written mobile device policy?  How do you enforce it? How do you monitor the devices, especially if you are BYOD?

Having issues with recruiting cyber security experts with deep experience in wireless protocols, mobile networks, mobile security apps and BYOd security?  Click below to ask NextGen how we can solve recruitment issues and deliver the right candidates for hire.

 

Share:

I am excited to add the Diversity Sourcing designation to my toolkit. With the fast-growing demand for diversity, equality, and inclusion in the workplace HR,

Corporate data security certification is a higher priority than ever and there are ways of making this significant investment pay additional dividends. Here are some

Applications and use cases include utility, military, financial, and end-user interoperability. IOT has new protocol stacks that help device manufacturers create and cooperate. This includes:

What is CBRS and how can you use it to benefit your organization? In 2017, the US Federal Communications Commission introduced a 150 MHz wide

By definition, “Internet of things” is the concept of devices connected by a series of protocols in order provide greater interoperation, capacity, and sense of

Internet of things (IOT) devices according to Gartner (Gartner IOT) will reach close to 25 billion activation’s by 2023. Many of these devices will support

By definition, “Internet of things” is the concept of devices connected by a series of protocols in order provide greater inter operation, capacity, and sense

Popular News

I am excited to add the Diversity Sourcing designation to my toolkit.

Corporate data security certification is a higher priority than ever and there

Applications and use cases include utility, military, financial, and end-user interoperability. IOT

What is CBRS and how can you use it to benefit your

By definition, “Internet of things” is the concept of devices connected by

How to Evaluate an Executive Search Firm
Receive the latest news

Subscribe To Our Newsletter

Get notified about new articles, videos, seminars and all the breaking industry news as it happens