Mobile devices have gradually made their way into office workflows over the last decade or so.
At first, they were used as an additional way to get calls when out of the office, then as cloud applications exploded, they started to be used more and more. Now mobile devices can access just about all the same data through cloud business apps that desktop computers can.
With the rise of mobile use at work came the term “bring your own device,” known as BYOD, which is when companies have employees use their own personal smartphone for business purposes.
Approximately 87% of businesses use BYOD and are reliant on their employees accessing mobile business apps from their personal devices.
BYOD has multiple advantages for companies, including:
- Cost savings (BYOD is estimated to generate $350/year/employee in value)
- Employees are more productive on familiar devices
- Not having to purchase or administer company-owned devices
- Most cloud apps work on both Android and Apple devices
But the one area of mobile use at work that hasn’t quite kept up is security management of mobile devices.
The Challenge with Securing Mobile Devices
There are several challenges when it comes to using a BYOD policy to enable the use of mobile phones for business use. Companies that rely on their employees to use their personal devices for work also have a fine line to walk because the device isn’t company owned.
Preventing Data Breaches
When you have multiple employee devices accessing your network it can be difficult to prevent data breaches because they may or may not have an anti-malware application on the device and may or may not be updating their device software and apps regularly with security patches.
Company Data on Employee Devices
A full 60% of companies do not have a policy for removing business data from the devices of employees that leave the company. This can both result in sensitive information being compromised and loss of work product or client contact information that was stored on an employee’s device.
Keeping Track of Access
When you have multiple mobile devices accessing your business data from multiple potential locations and IP addresses it’s more difficult to put in place security policies that protect your network from unauthorized access. Without a tracking mechanism that catalogue’s each device and its access history, you’re leaving your network more vulnerable to a breach.
An average mobile device can connect to several free Wi-Fi hotspots each week as the owner is going from place to place. What happens if they’re on an unsecure Wi-Fi and log into their Office 365 account to check email? If there is a hacker on the same network, they could easily steal those login credentials.
Mitigating the Risk of BYOD
In most cases, not using mobile devices for work is no longer an option, so the best way to mitigate the risk of employee devices used for business is to adopt security policies and tools that help you manage and secure those devices.
Mobile Device Manager
The best way to handle mobile device security is through the use of a mobile device manager. This is an application that is designed to keep the work and personal areas of an employee-owned device separate so you can apply security policies without infringing on their personal phone use.
If you’re an Office 365 user, then upgrading to Microsoft 365 will give you their mobile device management application, Intune, with your subscription. Users simply download the app on their mobile device, and your administrator can then connect to the smartphones remotely from a central control panel for security management.
Some of the important features you get with a mobile device manager include:
- Ability to automate security patch updates
- Add device security, such as anti-malware
- Remotely lock or wipe business data from a device
- Deploy company-wide security policies across all devices
- Add and revoke access to business apps remotely
- Receive logs of mobile device access of company app & data
Cloud Backup Service
Another consideration with employee owned devices is the work product or business-related communications or photos that may be stored on them. If an employee leaves abruptly or if they happen to lose their device, your data could be lost if you’re not backing up the device regularly.
Include mobile devices in your company cloud backup strategy to ensure that data is being captured in an accessible cloud storage system so it’s not lost if anything happens to the device.
Virtual Private Network (VPN)
Some mobile device managers will come with a VPN feature included, but if not, it’s a good idea to use a business VPN to ensure a secure, encrypted connection to your network no matter where a device is connecting from.
A virtual private network acts as a secure tunnel for communications, keeping your online activity secure, even when connected to an unsecure public Wi-Fi.
Get Your Mobile Security Plan Up and Running!
Don’t leave your network at risk of a data breach, ensure that you have a solid mobile security plan. ZZ Servers can help you get the safeguards and reporting mechanisms in place to keep your devices and network properly protected.
Contact us today to schedule a free consultation. Call 800-796-3574 or reach out online.