As the owner of a small to medium business, you’ve got a lot on your plate. We’re about to add one more thing to worry about – mobile phone security. On the upside, though, we’re also going to give you concrete tips that you can apply to improve your mobile security.
Why mobile phones, and why now?
With the current COVID-19 crisis, businesses are allowing workers to work from home if possible. That’s a noble gesture, but without the right security in place, it could cost your business dearly.
You might wonder how, considering that your employee uses a highly secure work laptop. We wonder what other devices they may use. Do they check their work emails on their mobile phone, perhaps?
Risks Mobile Users Face
Considering that 49% of Trojan horse malware in 2019 was delivered by email, that’s a serious security risk.
Interestingly enough, in 2018, 52.06% of infections were as a result of RiskTool malware. This malware seems to play well with your system. It runs in the background and is used by bad actors to perform tasks online.
This could be to make your phone part of a botnet army or for crypto-jacking. The only signs you’ll notice are that you’re using more data than usual and that your internet is slow.
And while there are many forms of attacks, it seems that ransomware for mobiles is big news in 2020. These attacks cut off all access to your phone. To restore access, you’ll have to pay a ransom.
How to Protect Your Business from Mobile Attacks
How do you and your employees ensure that these attacks are minimized? We’ll go through the basic steps that you must take now.
Enable the Screen Lock
Where possible, use biometric data like your fingerprint to provide a secondary layer of security. This provides a little protection against mobile attacks. More importantly, though, it prevents someone from accessing the phone when the employee has put it down.
Encrypt the Data on the Phone
How to do this will depend on the phone and the operating system. There are many sites online that will walk you through the process step-by-step. This is something that all of us should do anyway. It won’t prevent a hack, but it limits the amount of information that the hacker can glean by encrypting it.
Regular Software Updates
All of us need to update our phones regularly. Where possible, set updates to the operating system and security features on automatic. These security patches are an essential part of keeping your phone safe.
Enable Multi-Factor Authentication
Where possible, enter both your password and a randomly-generated key. This is slightly less convenient, but also inconvenient for the hacker. To make it even more annoying, opt to have messages sent to your email rather than the phone.
If the hackers perform a sim swap, the notification should still go through to your email. That way, you’ll know that something is wrong.
According to Forbes, the Microsoft MFA protects against 99% of attacks. It makes good business sense to use a similar system.
Backup Data
Should the phone be infected with ransomware, a backup limits the damage.
Don’t Download Apps
In an app-crazy world, this seems counterintuitive. Just look at it this way – you never know if the developer had an ulterior motive. Apps can be laden with malware. Developers could also release malware when doing future updates.
Steer clear of apps unless you know that they’ve been created by a legitimate company. Free apps are generally something of a gamble. Ask yourself, why would they issue this for free when they could make a killing off it? It could be because they’re beta testing the app. It could also be that they want the maximum number of phones to infect.
Tools are particularly dangerous. In 2018, they accounted for 39.1% of the malicious apps on the market.
Don’t Follow Social Media Links
Finally, warn employees about the dangers of following links from social media. There are several malware-laden clickbait sites out there. They should avoid clicking on links and rather run a Google search to confirm the facts for themselves.
Final Notes
Taking concrete steps to protect your mobile devices is essential at this point. Make sure that your employees understand the risks and that they’re as careful as you are. Alternatively, consider issuing work phones with limited functionality and top-flight security. Together, you and your employees can ensure that your mobile devices are more secure.
Nikola Djordjevic is the Co-Founder and Project Manager at MedAlertHelp.org, a site dedicated to improving your knowledge about health, nutrition, fitness, aging, retirement, and much more. He is also passionate about IT technologies and their impact on our lives.
Mobile malware stock photo by Morrowind/Shutterstock
