Get All Access for $5/mo

11 Tips to Secure Mobile Devices and Client Data Do your employees know how likely they are to leak your company's secrets?

By Robert Siciliano Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

SplitShire

You have employees. They bring smartphones to work. All is fine, right? Wrong.

Related: Meet the Cybersecurity Startup That's Caught the Eye of Google's Eric Schmidt

First of all, the second an employee brings a personal mobile device to work, you can bet on a fusion of personal and business affairs occurring. This was evident when 2,000 office workers were surveyed as to:

  • How many downloaded personal apps to tablets issued by their employer: 73 percent
  • How many did this with smartphones their company issued: 62 percent
  • How many did it with company-issued notebooks: 45 percent
  • The age group most guilty of this: 25 to 38 years old
  • The number who used their smartphones and other mobile units to conduct company business: over 50 percent

That last percentage was slightly better news. But it hardly canceled out the aforementioned misuse, which may result in who-knows-how-much company business leaking outside the building to who knows where. That "50 percent" also raises the question: Have you, a decision-maker at your company, devised any plans to prevent or minimize how much company data leaves your building, in the form of storage inside your employees' smartphones and other mobile devices?

The solutions may lie in the strategies that company decision-makers and IT managers can draw on to control data leakage. These strategies fall under something called enterprise mobile management. But cooperation is required from both parties: the company and the employees.

As a decision-maker, then, you'd be smart to think: "We'll just never know, will we, where an employee's smartphone ends up on the weekends -- a device loaded with our most sensitive data!"

Solutions for businesses

Business owners and other company decision-makers should regard the personal smartphone as a potential company diary. You don't want this diary going all over the place after hours. You don't want it easily opened for all to see what's written on the pages.

Related: 4 Essentials to Secure Your Business Even From State-Sponsored Online Threats

So, try consider these strategies:

1. Teach employees about phishing scams.

Phishing maneuvers are a leading way that cybercriminals steal data. Research shows how easy it is to get employees to fall for these scams: The worker receives an email that has an urgency to it (e.g., subject line: "Get back to me asap"). Inside the mail is a link that the sender urges the recipient to click on. The link takes the user to a fake website that lures him or her into revealing sensitive company information.

2. Inform employees that the sender may pose as the company's bank or as someone from the board of directors.

Even after being taught about phishing, employees may still be suckered into clicking on a link inside an email -- as staged phishing attacks have shown. To make things simple and to avoid confusion, simply demand that employees not click on any links inside emails. No exceptions. Tell them that nobody will be penalized for not clicking on a link inside an email.

3. Employees should be suspicious of free download offers.

Clicking on these could activate a computer virus.

4. Employees should buy applications from a trusted app store rather than from third-party sources.

It's hard to know what those third parties' true motivations are.

5. Employees should be sure to protect all their devices with passwords.

If an employee leaves a device unattended, or it's lost, could the finders get into any documents, or have to type in a password (which they don't know, of course)?

6. All devices used for business should have a "wipe" function.

The more employees you have, the harder it will be to get every single one to password-protect his or her devices. Another layer of protection, then, is to require a "wipe" function. If the device is lost or stolen, all the data on it can be eradicated -- remotely.

7. All devices used for business should erase their data automatically after a set number of password attempts.

This will discourage hackers.

8. All devices, especially Androids, should be required to have anti-virus software.

This protects the device from malware that comes with an app that's downloaded.

9. Employees should never "jailbreak" or "root" a mobile device.

Malware can infiltrate if the walled garden of the device is broken down because the user has manipulated the device's factory-installed operating system.

10. Employees should activate their update alerts immediately rather than opt for "remind me later."

These updates patch up security holes so that evolving cyber-pathogens do not gain entry.

11. Employees should be made aware that Wi-Fi in public is not secure.

Even though connections to public Wi-Fi will say they're not secure, not all users notice this alert; and some may not even know what it means. Instead, using a virtual private network (VPN) will significantly boost security for your company's sensitive data. A VPN service, such as Hotspot Shield VPN, encrypts all cyberspace transmissions, scrambling them so that hackers can't make sense of them.

Certainly it's true that employees themselves may be crooks working from the inside to commit cybercrime. But a significant volume of data leakage still stems from simple carelessness by employees -- and a lack of information and knowledge about security. What have you done about this threat at your own company?

Related: Password Statistics: The Bad, the Worse and the Ugly (Infographic)

Robert Siciliano

Personal Security, Privacy and Identity Theft Expert

Robert Siciliano, CEO of IDTheftSecurity.com, is committed to informing, educating and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Leadership

Visionaries or Vague Promises? Why Companies Fail Without Leaders Who See Beyond the Bottom Line

Visionary leaders turn bold ideas into lasting impact by building resilience, clarity and future-ready teams.

Marketing

5 Critical Mistakes to Avoid When Giving a Presentation

Are you tired of enduring dull presentations? Over the years, I have compiled a list of common presentation mistakes and how to avoid them. Here are my top five tips.

Science & Technology

5 Automation Strategies Every Small Business Should Follow

It's time we make IT automation work for us: streamline processes, boost efficiency and drive growth with the right tools and strategy.

Business News

Former Steve Jobs Intern Says This Is How He Would Have Approached AI

The former intern is now the CEO of AI and data company DataStax.

Side Hustle

'Hustling Every Day': These Friends Started a Side Hustle With $2,500 Each — It 'Snowballed' to Over $500,000 and Became a Multimillion-Dollar Brand

Paris Emily Nicholson and Saskia Teje Jenkins had a 2020 brainstorm session that led to a lucrative business.

Green Entrepreneur®

How Global Business Leaders Can Build a Sustainable Supply Chain

Businesses can build sustainable supply chains by leveraging technology to reduce environmental impact, optimize resources and track emissions while balancing operational efficiency and sustainability goals.