Employees’ Mobile Habits: A Security Risk

Our Managing Director, Paul Jarrett, explains how your employees’ mobile habits might be a security risk.

It’s not big news that we’re in the middle of the mobile era, in fact we have been for a while, but now we’re seeing the lines between using mobile for personal and work tasks blurring.

I read a great stat this week claiming that 67% of workers already use their personal devices for work purposes, a trend we call ‘bring your own device’ (BYOD). Employees are checking email on-the-go and accessing CRM software outside of the office, all on their own devices.

In short, BYOD presents huge benefits, and we know that companies embracing it are seeing a significant increase in employee productivity, clearer business activity and reduced infrastructure costs. Naturally, employees are already accustomed to using their own devices, making it easy to complete tasks anywhere at any time with minimal effort.

The downside… cyber-criminals are aware of this trend and are increasingly using employee mobile devices as a gateway to attack companies, both large and small. As mobiles were initially consumer products they have very little security built in, making it much easier to spread malware via mobile devices rather than desktop computers. An unsecured device that accesses a company network creates an open door for hackers to access your core systems.

I often have conversations around mobile security, and find that many business owners aren’t aware of their employee’s mobile usage, and don’t understand the security risk their devices bring. Particularly when staff are acting on their own initiatives to use their mobiles for work purposes, as opposed to following a company implemented BYOD policy. This gives hackers the ideal ground to access confidential data in your core system and pursue a cyber-attack.

So, regardless of the size of your company, or industry you work in, having an understanding of how your employees interact with their mobiles is key.

Following this, the most efficient and effective solution to protect your business from a mobile attack is to simply manage your systems, not the devices. By ensuring your systems have the relevant security settings you can make them “device risk-aware” restricting certain functionalities, removing sensitive data and prevent access to the enterprise resources.

As long as you understand your employee’s interactions with their mobiles, assess the specific risks your business faces and identify the data you wish to protect, you can make the necessary steps to reduce security risks. Whether that’s introducing a BYOD policy, changing your security settings, protecting your core systems and putting an API in place.

 

Want to know more?

If you want some advice on how to improve your mobile security, give us a call on 01737 45 77 88 or chat to us on live chat in the bottom corner of your screen.