The massive innovation in mobility in the last decade has given us immense freedom in doing business. We can be just about anywhere, even without our primary computer, and accommodate most of the tasks we need in any given day.
As smart phones and tablets become the norm, outpacing any other type of phone or PC sales, we also run the risk of being complacent in that convenience.
In fact, many firms aside from larger enterprises, often try to get by “riffing” when it comes to mobile security; having policies and procedures for running a mobile business. With the complexity of cloud technology, expanded devices and increased attention on security, winging it no longer makes the cut.
That means even the smallest of our businesses needs to focus attention on having a mobile strategy to achieve better mobile security. Let’s look at the components of building out that strategy.
1. What Do You Consider in Your Strategy?
The first and most difficult is the collision of professional and personal on devices today. We all used to carry a Blackberry and our personal phone. That is largely defunct option, both the complexity and the expense. This means we are merging our work and home lives onto devices we use everyday, all day.
It starts with thinking about hardware. You don’t necessarily have to buy phones and tablets. However, you should have an approach that provides consistency. For example, if you use apps daily from your service providers (such as CRM, portfolio management and more), insure everyone’s phones and tablets can host those apps.
Most certainly carriers matter too – so you’ll want to insure you’re using a carrier who supports your work region with 4G data and voice quality. Consider where you and your team spend the most time. Here is where it can get difficult, as you may have remote workers or frequent flyers who may need differing service from what you have for those sitting in the office everyday.
2. Your Procedures
If you choose a more flexible path of letting your team members bring their own device, based on some of the parameters you’ve thought through above, you still have some steps to take.
Thinking through issues of device security, backup and data storage as well as what to do when a device is lost or stolen will drive the policies you put in place.
Consider these aspects:
– What will you require for protecting devices – pin, password, swipe to unlock?
– What business data can be stored on the devices (remember tools you use like Google Apps, Box or Dropbox)
– Can your mobile users sync that data to other devices and systems?
– Will you require a password manager?
– Can these devices double as game time devices for children after hours?
Not all of the small business tools available will allow full control of these elements like larger enterprises have in use for mobile devices. However, we can establish policies that enable our teams to attest to those rules and declare the devices they will use for business. This allows your team to respond when issues arise with clear guidelines.
3. Managing Security and Devices
Fortunately tools for small business have evolved along with the devices we use each day. There are several to consider as you determine your strategy. You can then factor these providers into your policy for defining handling passwords, using public wifi and securing the physical hardware itself.
- Secure any mobile device with at minimum a PIN or password to unlock when powered on. It should be set to erase if someone enters more than 10 password attempts.
- Have a backup plan in place. For iOS devices that is iCloud or sync to your computer. For Android, you have to declare the proper settings for your Google account that represents the phone. The same as Google goes for Windows 8 phones – and it is tied to your Microsoft account. Take the time to learn what is NOT backed up.
- Chose a password manager solution for your business that supports the major browsers, smart phones and tablets. This will allow for the sync of credentials when you are on the go. Good options here include 1Password, LastPass and RoboForm. The latter two offer business accounts that offer central management of credentials.
- Consider a more comprehensive security app that scans apps and monitors for malware. Top contenders here include Lookout and TrendMicro.
- Don’t neglect to secure your use of public WiFi. Use a VPN service like Cloak or VPN 1Click to secure connections on iOS and Android (respectively).
- Where its available, turn on 2-Factor Authentication, which will use these mobile devices to add a layer of security to your online account logins.