7 Steps to Mobile Security Heaven
Our guest blogger William Macleod is the Technical Director at Seric Systems. As head of the technical team for many years at Seric, Billy’s background is in storage and virtualization.
Seric Systems are all about listening to their clients: understanding their software, hardware, risk and analytical issues and requirements. Their aim is to deliver a fit-for-purpose technology platform to help support businesses in the long term.
7 Steps to Mobile Security Heaven
Mobiles are an obvious security risk. They are small and easily transportable (some might even say mobile!) which means it is easier for them to be lost or stolen. They are also easy to use. Your apps are always logged in. Once the phone is accessed all apps are easily accessed (e.g. you don’t have to put your twitter password in to open the twitter app, or facebook password to open facebook, it’s already logged in).
So, if the device is lost or stolen the person finding or taking the device has access to all your apps. Has access to read your emails, send emails as you, send tweets as you, access your facebook etc etc. As a personal user this is frightening. It’s also frightening with your business head on. What if someone reads those important business emails? Or publishes them for the world to see? What if someone posts on social media, as you, promoting your competitor?
What can we do to protect against lost or stolen devices?
We’ll it doesn’t have to cost the earth. We can start with:
Set a Password: Ensure there is a complex password or passcode to access the phone – so that someone can’t just swipe and gain access. Remember even if you are using fingerprint scanning that there is a password option as well, so ensure the password is complex as well. If you can swipe your fingerprint or type "1234" then it isn't very secure!
Encrypt device: Ensure that the phone is encrypted. Without encryption, someone can take the drive or sim out of your phone and insert it into their phone to read it.
Setup Remote Wipe: Setup your phone to give you the ability to locate, lock or wipe the phone if it is lost or stolen.
Most of these features are built in to any modern phone, they just need enabled. A business however might want to look at software that can manage and monitor all their devices from one location and can push out the settings, to ensure everyone has them.
How do I protect against electronic theft?
Well, I’m glad you asked.
Install anti malware: Similar to your PCs, you can get anti-malware software for phones. These stop you from browsing to unsafe sites, and also check apps before you install them to see if they are safe or not (a lot of apps pretend to do one thing but actually do another).
How can I protect my data as it travels over the airwaves?
Another great question!
4G: You could just use your 4G allowance, so it’s not going over someone else’s Wi-Fi network. Vodafone have much better security than Bob’s TeaRooms free wi-fi!
Safe Wi-Fi: You could only connect to wi-fi networks that you know about and trust. Business mobile management tools can setup and push out wi-fi profiles and stop you from connecting to any other network.
VPN: you could setup a VPN. A VPN can encrypt your traffic and route it via a safe place eg you office). This is a great idea as your office can monitor and protect all your wi-fi traffic, as if it was coming from the building.
You can do most of the above yourself, but it makes sense to use a trusted tool to manage and enforce all the settings (especially if you have lots of mobile device). At seric we recommend
- Trend Micro Worry Free Business Security Service - for small companies or basic functionality
- Trend Micro Mobile Security - for larger companies (very cost effective as part of Trned Micro Complet Endpoint Protection Suite)
Or for specific functionality we recommend
Seric Systems can help you decide what product is best for you. We can also deliver it to you as a service, meaning you don't have to worry about deploying it, managing it, monitoring it. We'll do it all for you.