Cyber-security is a subject that many employers have become more aware of in recent years, but there will always be more to learn and additional adaptations to make. As technology continues to evolve, so do the methods by which a cyber-attack might take place. One key example of a potential cyber-security step that organisations may not have prioritised heavily enough is maintaining the security of mobile devices.
Just like the computers at employees’ desks, mobile devices—such as smartphones and tablets—can be targeted by hackers. As remote working continues to become more common, this type of equipment is likely to be used more often, and therefore presents greater potential exposures.
Mobile Cyber-security Measures
Like any other cyber-security practice, the process of keeping mobile devices safe includes a number of key steps. In order to keep sensitive information and data secure, consider the steps:
- Selecting mobile devices—One of the first steps to ensuring ample cyber-security is issuing employees proper equipment. When choosing devices, take time to assess which manufacturers meet your security needs and how different operating systems will synergise with programs used by workers. Given that technology is constantly evolving, it is also important to develop a strategy for updating devices when it becomes necessary.
- Configuring devices—Before issuing devices to employees, it is important that they are set up correctly. Your organisation should ensure that phones, tablets and laptops have proper cyber-security measures installed, such as antivirus software. It may also be advisable to restrict how much control employees have over altering settings and installing additional programs.
- Maintaining security—Once mobile devices have been distributed to employees, organisations must ensure that optimal cyber-security is maintained. Employers should establish clear and firm policies regarding acceptable uses of devices, and set up a system to monitor and log data in the event of a cyber-incident. Employees should also be instructed to promptly install any software updates on their devices as these patches are often intended to cover up a potential weakness that could be targeted by cyber-criminals.
The expanded use of mobile devices outside of an organisation’s own premises can result in additional risks. With remote work expected to remain a trend, it is important for employers to understand cyber-security steps for devices issued to remote employees.
Contains public sector information published by the ICO and NCSC and licensed under the Open Government Licence v3.0. The content of this blog is of general interest and is not intended to apply to specific circumstances or jurisdiction. It does not purport to be a comprehensive analysis of all matters relevant to its subject matter. The content should not, therefore, be regarded as constituting legal advice and not be relied upon as such. In relation to any particular problem which they may have, readers are advised to seek specific advice from their own legal counsel. Further, the law may have changed since first publication and the reader is cautioned accordingly. Content by Zywave, Inc. provided by TH March.