Unless you have an employee who is also a cyber criminal (unlikely, but not impossible), data is most often leaked by accident. If Security Awareness is not a point of focus for your business, employees tend to operate under the premise that 'everything is fine.' That false sense of security makes your employees and your business a target for hackers.
Take mobile devices, for example. Almost everyone has and heavily uses a smartphone, tablet, or both. But, few people have considered how risky using a mobile device for business can be. Data is often not secure and the personal nature of mobile devices causes people to let their guards down and let criminals in.
Use these tips to firm up your mobile data security and make sure that your data isn't floating around into the wrong hands:
Most employees will think nothing of using a business-issued mobile device on public Wi-Fi. But, public Wi-Fi is not secure and hackers can easliy grab unencrypted data. Instead, instruct employees on using a VPN or another alternative option for Internet access, with encryption when handling company data. Teach employees to be wary of when and where they're accessing private data.
SEE ALSO: Download our Disaster Recovery eBook now!
We've all seen the 'You've Won a Free iPad! Click here to claim your prize!' pop-ups. Any kind of offer like that (which can include free downloads, free software, and more) should be approached cautiously. Anything downloaded to a mobile device can be a threat to your mobile data security. Again, this comes back to Security Awareness and building a culture where employees think twice about data security.
Make sure you specify 'PH-ishing,' so no one brings a tacklebox and poles to your office. Unfortunately, Phishing is much less fun. Cyber criminals use 'social engineering' tricks to get employees to hand them sensitive data. Posing as authority figures, setting up fake websites, and inspiring fear or urgency are all tactics used against unsuspecting employees. Awareness is important, but it's also a good idea to reiterate that no sensitive data will ever be asked for in that way.
Passwords are your first line of defense against those looking to steal data. Choosing an easy-to-guess password is like leaving your front door unlocked. It makes a criminal's job easier, for no reason. While employees may leave their personal devices unlocked, stress the importance of choosing a strong password for any mobile device that will be used for business. If possible, using two-factor authentication or a password manager is an even better move.
Make anti-virus software mandatory for all mobile devices used for business. Similar to choosing strong passwords, having up-to-date anti-virus software is an essential first-defense against harm. Because most people see their smartphones and tablets as something completely separate from their computers, it is important to emphasize anti-virus - it's likely it hasn't been thought of.
Smartphones are constantly pinging us. Software and app updates are often seen as an annoyance and can be dismissed with a 'remind me later.' But, there's a hidden danger to choosing that option too often. Teach employees why updating software and apps on their mobile devices is important. Security patches and other measures are released through updates and ignoring them is ignoring improved security.
If a mobile device is stolen, misplaced, or you suspect is in the wrong hands, be sure to plan ahead and implement a remote wipe function. This will allow you to pull sensitve data remotely and keep it out of the hands of criminals. This is another opportunity to reiterate to employees how important it is to keep track of their devices and be wary of leaving them unattended in public.