Tips to take the worry out of mobile security

Mobile technology might well be a boon for employees, but it’s created a nightmare security scenario for CIOs. Viruses, spear-phishing, data breaches – remote access and BYOD devices mean that any employee can inadvertently put business at risk, anywhere, any time and from any device.

And that threat’s just from employees. Never mind the hackers out there, hunting for sensitive information, and becoming increasingly savvy and targeted in their attacks!

So what’s the IT department to do? We’ve put together 11 tips to help you take the worry out of mobile security.

1 Develop a security policy
If you don’t already have a security policy, spend time putting one together. And once you have one, make sure you enforce it.

2 Tell everybody about it
There’s no point having a security policy if nobody knows about it. Make sure it’s part of every new employee’s induction pack. Whenever the policy is updated, make sure everyone knows exactly what’s changed.

3 Run training sessions
Not everyone absorbs information through reading a policy document. Organise targeted training sessions for all employees, so they know what the security risks are and how to best avoid them.

4 Always expect the unexpected
Just because you’ve educated employees about security doesn’t mean the risk is no longer there. Not all employees will grasp exactly why a link to an intriguing quiz might pose a threat to data security – and someone might fall victim to a scam that looks all too real.

5 Address all aspects of security
Security comprises three elements – end-point, perimeter and server. You need to be across all of them, but the weakest element is end-point. This is where the human factor enters the equation, making end-point trickier to control.

6 Invest in the latest tools
Don’t rely on the traditional or consumer anti-malware tools you’ve used in the past. They’re unlikely to provide the protection you need against sophisticated attacks. Instead, invest in the new-generation tools that will help you manage security risk. These tools can identify and stop suspicious programs before they get a chance to cause any harm.

7 Target your security
Take a look at what people are actually doing on their devices – what sort of files are they downloading and from where? If they’re accessing the system via VPN, do they have the latest patch installed on their device? Unauthorised file-sharing systems like DropBox can be managed through the firewall.

8 Manage those devices
Just because people are using an increasing range of devices to remotely access the system doesn’t mean you have to lose control of them. You can separate corporate and personal content, push updates to approved devices, and even blacklist certain applications from a centralised management console.

9 Constantly review your security
Constantly review your end-point and perimeter security. New products are continually being developed and it’s vital to have the latest tools to ensure you stay ahead of the internet bad guys.

10 Think about outsourcing
If you think you don’t have the necessary skills – or the time! – to manage security effectively, outsource it. Concentrate on your business and appoint an expert that can help you lower the risk, complexity and cost.

11 Select your partner carefully
If you do decide to outsource, ensure that the partner you choose is an expert in the latest developments and technologies. Mobile is constantly evolving and your security set-up needs to keep up with the changes.

Navigating the fast-moving world of IT security –  particularly mobile – is a key challenge for many businesses. To continue the conversation or to see how we can help, do get in touch.