Keeping Your SMB Bring-Your-Own-Devices Secure
If you have a small or medium sized business, it is likely that you have staff who are bringing their tablets, phones, iPads, and laptops to work every day. However, all of this puts your business to risk as they can also bring malware into your network.
On top of this, any of these devices can be lost, misplaced, or stolen. Since its extremely likely that your staff are using these devices for their work, think about all of the information that could be on there about your company…and it happens because Joe in accounting left his cell phone on the counter at a local coffee shop, and a hacker picked it up.
Also, think about this: depending on how successful your company is, there also might be a list of clients found on the devices, or at least a few. Now, someone has access to your clients, and what is stopping them from contacting your competitors and sharing your sensitive company information…for a price, of course.
Hacking also often involves the act of phishing where an employee will open up an email and then click on a link or open an attachment. When this happens, malware is unleashed, and the device and network is at risk.
Here are some tips to keep devices secure that you can share with your staff:
- Only use apps that have been purchased from a reliable source like iTunes or Google Play.
- Do not reuse passwords and use a different password for each login that you have.
- Keep all apps and operating systems updated. Any update that comes in should be downloaded and installed immediately. Don’t choose to update later, as this is a great opportunity for hackers to get into a vulnerable app.
- Start using anti-virus software. These apps can be found in iTunes or in the Google Play store.
- Be cautious when installing anything with a “free download.” Sometimes viruses and malware can be found there, and they can get out onto your network before you know it.
- Choose the feature where device passwords are protected and wiped clean after a certain number of log-in attempts.
- Make sure that all staff understands that free Wi-Fi spots are not secure. So, they should be using a VPN anytime they are trying to connect to a free Wi-Fi network.
- Phishing scams are becoming more common than ever before, so make sure that your staff knows how to recognize scams like this.
- Don’t trust email addresses that you don’t know and don’t trust any email that claims it is coming from the CEO or Board of Directors unless it’s an email that you can verify.
- Do not use any device that is jailbroken. This opens it up to too many viruses.
Understanding MDM
Mobile device management software, or MDM, should be used. This software helps to protect devices, and it is a safety net for any type of business or personal device. For instance, if a mobile device is lost and the person who finds it tries to enter the passcode a certain number of times, the device will lock out the person doing it. You can also set it so that the entire device is erased if there are too many login attempts. MDM also offers firewall protection, encryption, and antivirus capabilities. Additionally, it can monitor the system to add another level of security. There should be a policy in place that every employee must use this software on their device, or they can’t use it.
Utilize Additional Experts
“Do it yourself” information security for small business in theory might seem to save a few bucks. But in the long run it might cost your small business a lot more. Engaging experts such as Managed Security Service Providers, or for smaller businesses, also known as a Virtual CISO’s (chief information security officer), can run the most comprehensive vulnerability scanning software among other ethical hacking tools, will make sure bad guy hackers can’t get in and make a mess of all you have worked for.
Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.