Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
3 Mobile Security Tips For SMBs
Everyone in an organization has to work together to combat intrusions and data loss, but this is especially true for small businesses.
2 Min Read
Mobile technologies have introduced a completely new world of risks to organizations that use them. While many larger enterprises have the resources to mount comprehensive campaigns, the era of mobile computing has placed smaller companies smack in the middle of a widespread and proliferating security crisis.
Here are three steps to help SMBs develop smarter mobile security policies in this ever-changing landscape.
First step: policy
Map out a security and mobile device policy that clearly separates personal and corporate data commingled on devices. Employees need to know specifically what they can and can't do on their mobile phones. You should write a user-focused rules of behavior document that every employee must understand and sign before they are granted access to your network.
Second step: education, access controls, and audits
It’s important to educate users on both the risks the devices present to the organization and your expectations of conduct. But strong, clearly stated company policy should also be consistently enforced through access permissions, published audit reports, and other sanctions. Frequent reminders that are integrated into general company-wide communications can make it clear what is expected and create a culture of good stewardship of digital devices and network resources.
Users should also be taught about the many basic precautions they can take to mitigate risks associated with lost or stolen devices -- and how to keep both personal and corporate resources significantly safer. These steps include:
Setting lock screens with strong passwords of 8- to 10-character minimum length
Installing anti-virus/anti-malware apps
Implementing data encryption
Securely backing up all data
Installing device locator and remote wiping capabilities
Keeping operating systems and apps updated
Third step: ongoing monitoring
Continuous monitoring and measurement will be essential to address known and emerging threats. This effort requires focus, discipline, leadership, and innovation involving:
People -- trained, skilled information workers
Culture -- a true concern for protecting employee data
Leadership -- for the big picture, and priority setting
Process -- You can't improve what you don't measure. What are you doing with the technology once you buy it?
Technology -- Is it implemented properly? Are you monitoring it? Is it integrated across your entire enterprise?
Strategies to monitor and assess devices and their data should include identification of all mobile devices accessing your network of IT assets, real-time monitoring and correlation of all activity, and both alerting and reporting on violations of security policy, user privacy, and compliance.
For companies of any size -- but especially SMBs -- the most essential and urgent task at hand is to build a culture of good stewardship of devices and data through a robust and detailed company policy and consistent enforcement at all levels, from entry-level employees to CEOs. Everyone in a company has to work together to combat intrusions and data loss.
About the Author
You May Also Like
More Insights
