Using a company cell phone or your personal cell phone for work is something that happens a lot in today’s world. They are great devices that help us streamline processes and work more efficiently. Is your company ready if one of your employees lets someone into your network unknowingly because you didn’t have a mobile device policy in place? Here are five tips to help keep you, your business, and your employees safe when using company cell phones.
Implement a mobile device policy
This is particularly important if your employees are using their own personal devices to access company e-mail and data. Say that employee leaves, are you allowed to erase company data from their phone? If their phone is lost or stolen, are you permitted to remotely wipe the device? This would delete all of that employee’s photos, videos, texts, etc. – to ensure YOUR clients’ information isn’t compromised?
Further, if the data in your organization is highly sensitive, such as patient records, credit card information, financial information, and the like. You may not be legally permitted to allow employees to access it on devices that are not secured, but that doesn’t mean an employee might not innocently “take work home.” If it’s a company-owned device, you need to detail what an employee can and cannot do with that device, including “rooting” or “jailbreaking” the device to circumvent the security mechanisms you put in place.
Require STRONG passwords and passcodes to lock mobile devices
Passwords should be at least 8 characters and contain lowercase and uppercase letters, symbols, and at least one number. On a cell phone, requiring a passcode to be entered is critical. This will go a long way in preventing a stolen device from being compromised.
Require all mobile devices be encrypted
Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that unlocks (decrypts) the data.
Implement a remote wipe software for lost or stolen devices
If you find a laptop was taken or a cell phone lost, remote “kill” or wipe software will allow you to disable the device and erase any and all sensitive data remotely.
Backup remote devices
If you implement a remote wipe, you’ll need to have a backup of everything you’re erasing. To that end, make sure you are backing up all MOBILE devices including laptops. This will help if you need to quickly restore the data.
While these five are a good start, many organizations that are heavily using mobile devices or are handling highly sensitive data such as credit card numbers, financial information, social security numbers or medical records need to be far more diligent about monitoring and securing all mobile devices. Making sure you have and implement a mobile device policy that will keep you, your customers, and your employees safe. If you have any questions or would like to learn more great tips reach out to us. We are always happy to help.