6 Ways to Increase the Security of Company-Provided Mobile Devices
Securing employee mobile devices is an uphill battle because let's face it, they're going to surf the net on their phones. Especially if the phone is a device they bought with their own money for personal use. There is a great deal of controversy in going through the necessary steps to maintain a secure mobile connection on employee-owned phones which is why so many businesses have decided to provide company phones for work use instead.
Fortunately, if you've decided to go this route, you do have the freedom to take the necessary steps to keep these mobile devices secure. This way, your employees will be able to work remotely from their phones (and tablets and laptops) without encroaching on their freedom to do what they like with their own devices. Today, we're here to outline six reliable methods to secure company-provided mobile devices and keep them secure.
1) Screen Locking with Unlocking Authentication
The first step is to accept the auto-login dilemma for what it is. Even otherwise secure business apps that you may be working with have sacrificed a crucial element of security for easy accessibility: the auto-login. Auto-logins leave a device user logged in at all times, allowing anyone with physical access to the phone to also access files and features that should be secure. Even apps with timed-out logins are insecure if they also helpfully 'remember' passwords so that login requires only a single tap.
The answer? Take timed-out authentication into your own hands by ensuring all your company-provided phones lock the users out without another round of personal authentication. The good news is that modern phones make this quick, easy, and secure with options like retinal and fingerprint scans or visual passwords like drawing a quick line-picture that only your employee knows about.
2) Anti-Malware Software
Next, you'll want to address the fact that malware is everywhere. And no matter how much you emphasize safe phone practices, someone will accidentally visit a dangerous website or download an infected file on the company phone and contract a virus. The best thing you can do is detect this as quickly as possible by installing anti-malware on the company phones by default. Ideally, the solution you find will not only detect and alert the user of the malware but will take care of the cleanup on its own.
3) Clear Rules for Employee Device Usage
Speaking of safe phone practices, employee training is another method to keep the company phones secure. For anyone who receives a company phone, be very very clear about what they are and are not authorized to do with the phone. The less 'gray area' you leave, the less likely that more than one or two people will overstep the bounds and look at risky websites on their work phone. Everyone with a strong sense of employee responsibility will do their best to adhere to the rules, reducing the chance that malware will find a foothold in their web browsing or email answering practices.
4) Device Location Tracking
Another fact to accept early is that phones get accidentally left behind, lost, and stolen all the time. Because this is a company phone that employees can choose to leave behind when they are on personal business, you are (most likely) ethically clear to install a device location tracking program onto each company phone. In most cases, you will not need this feature or have any need to access it. However, if an employee reports their phone missing or stolen, you will be able to come to the rescue by quickly locating it through the phone's own connection to the cell network or even a nearby wifi network.
5) Remote 'Kill Switch' Program
And in the event that one of the company phones is actually stolen, be sure to have a kill-switch program installed. This allows you to wipe all proprietary data and company apps from the phone (in fact, it will probably wipe everything). A kill switch is your best bet for ensuring that stealing the phone and somehow spoofing or getting around your authentication measures does not expose the data you've worked so hard to secure. Employees should be aware of both the location tracking and the kill switch features and what this means. They should be encouraged not to keep any irreplaceable data stored locally on the company devices.
6) Regular Device Scanning
Finally, we advise implementing regular (monthly) deep scanning of all company-provided mobile devices to ensure that no particularly sneaky malware has managed to slip past the anti-malware software already installed. Because these devices belong to the company, a deep scan is not an invasion of employee privacy. No one should have a problem with you ensuring that they are not walking around with a hacked device or bringing malware into the company network via the wifi connection.
Mobility is a vital trait for modern companies that value flexibility and the ability to have employees work outside of the office. But mobile phones and apps are notoriously insecure, putting your proprietary and sensitive data at risk if accessed on a device that is not completely locked down. By providing company phones and sticking to strict security rules, you can allow your employees to work remotely through apps and be certain that the very mobile access they need does not become an avenue for malware invasions and data theft without their knowledge. For more expert data security and business communication technology, contact us today!