Because of all they can offer, smartphones and tablets are essential to the daily operations of many professions. However, as their usage increases, it will become even more important to ensure adequate security—from both new and existing threats.
Gone are the days when the most sensitive information on an employee’s phone was contact names and numbers. Now a smartphone could grant access to any number of applications, emails and stored passwords.
Depending on how your organization uses such devices, they require the same security considerations as any traditional computer system. Conduct a formal risk assessment to see where the biggest risks are, and keep in mind the following security threats:
- Access to lost or stolen devices—To prevent someone from accessing a lost or stolen device, it should be locked with a password. The password should be time sensitive, automatically locking the phone out after a short period of inactivity. Most devices come with such security features built in, which is something to consider before purchasing. Depending on the cellphone provider, there are also services that can remotely lockdown or erase a device.
- Malicious threats—Mobile devices have the potential to be just as susceptible to malware and viruses as computers. Third-party applications are especially threatening, as they make it easy for malware to install itself onto a device. Employees should never install unauthorized applications on company devices.
Before issuing smartphones to your employees, establish a device usage policy. Outline what does and does not constitute acceptable use and what actions will be taken if employees violate the policy. It is important that employees understand the security risk inherent to smartphone use and their role in its mitigation.
