Mobile malware has been identified by CIOs as one of the top threats to enterprise data. Here are 10 ways your company can stop breaches and protect sensitive information.
1. Enforce bring your own device (BYOD) policies: Keep your mobile device close, and your enemies closer. Bringing personal devices to work can be a win-win for the company and employees, as long as your policies are clear and enforced.
2. Educate employees on mobile malware: Do your employees know that smartphones and tablets are subject to the same risks as a personal computer? Educate them on the risks associated with mobile malware, from malicious apps to SMS fraud.
3. Keep operating systems up to date: It sounds simple, but manufacturers and mobile subscription providers sometimes block operating system updates to support their own best interests. Stick with providers that are applying updates.
4. Provide secure wireless access at all times: Free Wi-Fi are like an all-you-can-eat buffet of unsuspecting victims for cybercriminals. Provide employees with secure VPN connections and a strict policy for acceptable use.
5. Install apps from trusted sources: Don't be afraid to limit the places where employees can shop for mobile apps. Larger organizations may want to consider building an enterprise application store they can control.
6. Encourage the use of anti-malware software: Android devices are the most popular, which means they are the biggest target for malware. Require employees to protect these devices with the latest security software.
7. Prevent jailbreaks: Jailbreaking is the process of removing security limitations on a mobile device in order to access features. It also provides malware with access to your data.
8. Encrypt your devices: Restaurants, airports, taxicabs – the places where employees can lose their devices are limitless. Protect your data by requiring full encryption and strong passwords to access devices and SIM cards.
9. Offer cloud-sharing alternatives: Bad things can happen in an unsecured cloud. Give employees a secure, authorized cloud-based storage service and discourage them from using easily compromised consumer-oriented clouds.
10. Manage mobile security within your existing framework: Never compromise the security of your network in favor of end-user freedom. If a mobile device does not comply with your IT environment or security framework, it doesn't get it.