Smartphone security tips for businesses

Smartphones are just as vulnerable to cyber attacks as the traditional desktop, and in some cases even more so. With the wide range of sensitive data we keep on our devices this is hardly surprising.

Cases of mobile malware are on the rise, with an increasing number of flaws being found in the Android platform in recent years.

Research from G DATA found that almost 3.2 million new Android malware samples were discovered by the end of Q3 2018, this totals to over 11,000 new malware samples daily on Android operating systems alone.

Lots of UK businesses provide employees with smartphones, which many use as personal devices as well, which can lead to a whole host of malicious nasties.

To help, we take a look at how businesses can secure their mobile fleet.

Read next: Best open source help desk software.

Additional reporting by Hannah Williams.

Activate two-factor authentication
iStock

Activate two-factor authentication

Two-factor authentication acts as a second layer of security. Particularly for business users, it is a good way to control access to data.

The authentication process also makes it harder for attackers to gain access to devices or accounts as there is additional security added once a hacker has got past the password.

All smartphones should include two-factor authentication. Apple offers this with its Apple ID feature.

Perform an audit of existing mobile devices
iStock

Perform an audit of existing mobile devices

Mobile audits are part of common practice in organisations that already offer a smartphone to employees. These audits will analyse the current fleet, the individual devices and their actual usage

Performing an audit of mobile devices should offer an idea of what devices your employees are using and allow you to identify potential security weaknesses, depending on their smartphone habits.

For example, if an employee regularly travels they might connect to public Wi-Fi so will require extra security to offset a potentially 'dangerous' internet connection.

You'll need to know how many devices you have, what they are used for, if they are the primary phone for the employee and whether they are updated with the latest security software.

Putting together a quick questionnaire and passing it out among employees will answer these questions and will highlight any areas that need addressing.

Invest in MDM software
iStock

Invest in MDM software

Increasing number of businesses are depending on mobile devices for collaboration and connectivity for remote workers. And these organisations should look to mobile device management (MDM) software to support their devices.

MDM tools should secure, manage, and also monitor your whole fleet of employee devices. There are tools available from IBM, MobileIron, SOTI and Microsoft that offer a virtual desktop environment, remote file protection and on-device VPN.

See here for a full list of top MDM software.

Create a code of best practice and stick to it
iStock

Create a code of best practice and stick to it

While there are lots of device management tools and security software that aim to keep devices secure with relatively little effort, a code of best practices should be upheld to ensure the 'common sense' aspect of security isn't forgotten.

A simple document providing security 'musts' should ensure the basics of mobile security are upheld. For example, not syncing personal emails with work phones, not visiting unsafe websites or connecting the phone to unverified devices should be among each organisation's mobile best practices.

Make sure your OS is updated

Make sure your OS is updated

Both iOS and Android regularly update their operating systems, whether that be for a small bug fix or a new version of the software is released.

Making sure your devices are updated is a security must. It will ensure you are running the optimal software and that any bugs or security flaws are dealt with.

While devices running Apple's iOS are able to set updates to happen overnight, most updates on both OS' will require you manually press 'update'.

Both operating systems will notify you when an update is due, but it is up to the user to action the update. This means reminding employees and updating any shared devices, like department tablets also.

Limit access to non-business apps
iStock

Limit access to non-business apps

Some employees will want to only use one phone, and will opt to integrate both work and personal applications on the one device. While this may encourage greater efficiency by having all necessary documents and apps in one place, it can leave employees more vulnerable to attacks.

Limiting employees use of non-business apps could make this risk smaller, by keeping the work mobile strictly for work. While some MDM tools claim to be able to do this, if you choose to opt out of MDM software, this could be written into a mobile fleet best practices document.

Encryption
iStock

Encryption

Depending on the type of smartphones used by employees, you might want to consider some level of encryption.

iPhones and Android phones will require different levels of encryption, with the release of iOS 8 in 2014, Apple began encrypting iOS devices with built-in call logs, photos, documents, apps and messages encryption.

Android devices could be seen as more vulnerable as they run an open source operating system. However, in 2011, Google offered encryption at users' discretion, while later in 2014, some Android versions such as Lollipop offered encryption that was turned on by default.

Consider mobile antivirus
iStock

Consider mobile antivirus

There is some debate as to whether mobile antivirus software actually works. Some argue that all smartphones should use it, while others deem it useless and advise smartphone users to rely purely on common sense to avoid having their device compromised.

Most antivirus tools claim to offer some level of data backup, remote wiping and malware protection and while these features (if they work) are better than none, most phones come with built-in antivirus and deem these features unnecessary.

Depending on the content travelling across your mobile network, you might want to try out some different antivirus apps. Opting for a paid-for antivirus application will offer the best level of protection across a number of phones, but for those on a budget there are competitive free options out there.

Although, if your employees are using iPhones, there is a smaller need for external antivirus apps as Apple offer protection built-in.

Choose the right type of smartphone
iStock

Choose the right type of smartphone

Whether you go for an iOS-based fleet or an Android fleet will determine the level of protection you'll need to take when securing employee mobiles and alter your code of best practices.

So choosing the correct mobile phone is the first (and obviously vital) step in creating a secure and responsible mobile fleet.

iPhones are widely regarded as the more secure out of the two, mainly because it is a closed platform, whereas Android is built on an open source basis. Although this doesn't mean that iOS devices are totally secure, they're not.

And don't even think about getting Windows phones. Not because they were particularly bad, in fact, they were pretty business focused, if a little behind the curve.

Microsoft has stopped making Windows phones, so it is just a matter of time before support for them dries up. Why invest money into this?

Blackberry is also a solid option. Although its phones running Android are probably the best option.

See here for a full list of top smartphones for business users.

Copyright © 2018 IDG Communications, Inc.