Skip to content
Spectralink Logo Spectralink
Discover More

Best Practices for Securing Mobile Devices

Spectralink thumbnail

Discover the top Best Practices for Securing Mobile Devices and safeguard your dataMobile telephony has helped transform the way people communicate, both in everyday life and in business. Not only does it mean that people can communicate almost anytime and anywhere, but mobile devices enable it to be done via a multiple range of methods, from voice calls to texts, to sending files as email attachments.

All this may sound so familiar now that it is taken for granted, with memories of old ways of working being fading memories for some staff and an alien concept to younger workers.

Despite that, however, the familiarity with using mobile is not always matched by an appreciation of the need to maintain security, even though major security breaches compromising personal data, leaking company information, and opening avenues for extortion attempts are common and often in the news.

Indeed, recent news stories such as the online ‘dumping’ of private files on school children in Minneapolis by cyber criminals who had obtained the data using ransomware should not be seen as someone else’s problem affecting the schools in one American city, but as a clear warning of the kind of dangers posed to everyone.

An obvious risk with mobiles comes if they fall into the wrong hands, but they also need to be protected in the same way as any device from hackers who gain entry through password breaches or any other vulnerability in the security apparatus.

Some steps you take can be simple, like making sure you don’t have overly simple passwords that are easy to guess. A strong pass-code policy, however, will include more than that.

Examples of this could include password encryption, the use of one-time passwords, and procedures for security breaches to nip problems in the bud.

Encryption can also be used to protect sensitive data that is stored on a mobile device. This may operate independently of all the other things a mobile is used for in the event of a company operating a ‘Bring Your Own Device’ (BYD) policy, so it doesn’t stop the device from being used in a ‘normal‘ way, but it does protect the stored data if it is lost or stolen.

What this means is that even if a cyber criminal can get through the password barrier, they still face a wall of encryption that will stop them from accessing the data stored on the phone.

Choosing an enterprise device instead of having a BYOD policy is also a smart option. Enterprise devices are often built to higher security standards than consumer devices. Typically, these devices are only used while in the workplace and are not brought home by employees, so the risk of losing devices or having them stolen is much less. Conversely, employees who use their own devices at home or on public networks outside the controlled workplace are more vulnerable to hackers who steal information through unsecured networks or databases.

Plus, by choosing an enterprise device that has been Android Enterprise Recommended, or even FIPS validated, like the Spectralink Versity 95 Series smartphone, you can be sure that your device has gone through rigorous testing to meet the highest possible security standards on the market – a claim that many consumer and other enterprise devices can’t make; it truly comes down to choosing the right device for your needs.

No matter which device you choose, employing a Mobile Device Management (MDM) or Enterprise Mobility Management (EMM) solution is critical for security, as this simultaneously provides a wide array of services and the capacity to intervene in and monitor the use of mobile devices for work purposes.

For example, it can monitor devices to check their general health from a security perspective, ensure the configurations are set the right way to maintain security and enforce security policies by spotting any cases where protocols or best practices are not being followed.

Another utilization of MDM software is to help ensure that devices are up to date with the latest security patches, many of which are produced in response to emergent threats identified through cyber incidents and thus need swift implementation. IT and Telecom teams are able to push these patches through to the phones instead of relying on staff to download them manually, ensuring that the patch has been installed, and protecting against any vulnerabilities the patch is designed to cover.

MDM can also carry out vital remote tracking and monitoring, and, instead of wiping a device, can remotely lock it. That could carry the benefit of preserving any unique data that is held only on one device so that it is not lost completely (needless to say, it will be important that any such data is backed up as soon as possible and shared securely).

Finally, there also needs to be a wider sense of cultural buy-in and education. That means employees need not just initial training on the secure use of mobile devices when they start with your organization, but also regular updates to training and reminders, to ensure they don’t forget important security steps and are updated on emerging risks.

This can tell your staff how to be safe, but at the heart of it will be a necessary commitment by them to play their part and take the greatest care with security.

While you can and should firmly enforce security measures such as your password policy, it is also important that the education is not just about knowing what the rules of your company are, but about developing an understanding of what the practical consequences of failing to uphold the highest standards of vigilance and security could be.

For that reason, examples like the Minnesota schools data dumping incident, while perhaps very different from your organization’s work context, can still be used as a relevant warning of what could happen if cyber security fails.

With the combination of an investment in the best security solutions for your business and the development of a trained and committed workforce, you can ensure you enjoy the benefits of using mobile in remote settings without suffering the consequences of security breaches.