Small Business Guide to Cyber Security - Part 3

Keeping your mobile devices secure

Mobile technology is now an essential part of modern business, with more of our data being stored on tablets and smartphones. What's more, these devices are now as powerful as traditional computers, and because they often leave the safety of the office (and home), they need even more protection than 'desktop' equipment.

With this is mind, here are 5 quick tips that can help keep your mobile devices (and the information stored on them) secure.

Tip 1: Switch on password protection

A suitably complex PIN or password (opposed to a simple one that can be easily guessed or gleaned from your social media profiles) will prevent the average criminal from accessing your phone. Many devices now include fingerprint recognition to lock your device, without the need for a password. However, these features are not always enabled 'out of the box', so you should always check they have been switched on.

 Tip 2: Make sure lost or stolen devices can be tracked, locked or wiped

Staff are more likely to have their tablets or phones stolen (or lose them) when they are away from the office or home. Fortunately, the majority of devices include free web-based tools that are invaluable should you lose your device. You can use them to:

• track the location of a device
• remotely lock access to the device (to prevent anyone else using it)
• remotely erase the data stored on the device
• retrieve a backup of data stored on the device

Setting up these tools on all your organisation's devices may seem daunting at first, but by using mobile device management software (MDM), you can set up your devices to a standard configuration with a single click.

Tip 3: Keep your device up to date

No matter what phones or tablets your organisation is using, it is important that they are kept up to date at all times. All manufacturers (for example Windows, Android, iOS) release regular updates that contain critical security updates to keep the device protected. This process is quick, easy, and free; devices should be set to automatically update, where possible. Make sure your staff know how important these updates are, and explain how to do it, if necessary. At some point, these updates will no longer be available (as the device reaches the end of its supported life), at which point you should consider replacing it with a modern alternative.

Tip 4: Keep your apps up to date

Just like the operating systems on your organisation's devices, all the applications that you have installed should also be updated regularly with patches from the software developers. These updates will not only add new features, but they will also patch any security holes that have been discovered. Make sure staff know when updates are ready, how to install them, and that it's important to do so straight away.

Tip 5: Don't connect to unknown Wi-Fi Hotspots

When you use public Wi-Fi hotspots (for example in hotels or coffee shops), there is no way to easily find out who controls the hotspot, or to prove that it belongs to who you think it does. If you connect to these hotspots, somebody else could access:

• what you're working on whilst connected
• your private login details that many apps and web services maintain whilst you're logged on

The simplest precaution is not to connect to the Internet using unknown hotspots, and instead use your mobile 3G or 4G mobile network, which will have built-in security. This means you can also use 'tethering' (where your other devices such as laptops share your 3G/4G connection), or a wireless 'dongle' provided by your mobile network. You can also use Virtual Private Networks (VPNs), a technique that encrypts your data before it is sent across the Internet. If you're using third party VPNs, you'll need the technical ability to configure it yourself, and should only use VPNs provided by reputable service providers.

Taken from National Cyber Security Centre - Cyber Security: Small Business Guide