Next in the small business guide series from NCSC, we look at how to keep your smartphones and tablets safe. As they become ever more present pieces of technology in the workplace, we need to make sure that while we try to be more efficient and more connected, we do so in a secure manner.
For more guides and information you can head to www.ncsc.gov.uk
Step 3 - Keeping your smartphones (and tablets) safe
Mobile technology is now an essential part of modern business, with more of our data being stored on tablets and smartphones. What's more, these devices are now as powerful as traditional computers, and because they often leave the safety of the office (and home), they need even more protection than 'desktop' equipment.
With this in mind, here are 5 quick tips that can help keep your mobile devices (and the information stored on them) secure.
Tip 1: Switch on password protection
A suitably complex PIN or password (opposed to a simple one that can be easily guessed or gleaned from your social media profiles) will prevent the average criminal from accessing your phone. Many devices now include fingerprint recognition to lock your device, without the need for a password. However, these features are not always enabled 'out of the box', so you should always check they have been switched on.
Tip 2: Make sure lost or stolen devices can be tracked, locked or wiped
Staff are more likely to have their tablets or phones stolen (or lose them) when they are away from the office or home. Fortunately, the majority of devices include free web-based tools that are invaluable should you lose your device. You can use them to:
track the location of a device
remotely lock access to the device (to prevent anyone else using it)
remotely erase the data stored on the device
retrieve a backup of data stored on the device
Setting up these tools on all your organisation's devices may seem daunting at first, but by using mobile device management software, you can set up your devices to a standard configuration with a single click.
Tip 3: Keep your device up to date
No matter what phones or tablets your organisation is using, it is important that they are kept up to date at all times. All manufacturers (for example Windows, Android, iOS) release regular updates that contain critical security updates to keep the device protected. This process is quick, easy, and free; devices should be set to automatically update, where possible. Make sure your staff know how important these updates are, and explain how to do it, if necessary. At some point, these updates will no longer be available (as the device reaches the end of its supported life), at which point you should consider replacing it with a modern alternative.
Tip 4: Keep your apps up to date
Just like the operating systems on your organisation's devices, all the applications that you have installed should also be updated regularly with patches from the software developers. These updates will not only add new features, but they will also patch any security holes that have been discovered. Make sure staff know when updates are ready, how to install them, and that it's important to do so straight away.
Tip 5: Don't connect to unknown Wi-Fi Hotspots
When you use public Wi-Fi hotspots (for example in hotels or coffee shops), there is no way to easily find out who controls the hotspot or to prove that it belongs to who you think it does. If you connect to these hotspots, somebody else could access:
what you're working on whilst connected
your private login details that many apps and web services maintain whilst you're logged on
NCSC 3
The simplest precaution is not to connect to the Internet using unknown hotspots, and instead use your mobile 3G or 4G mobile network, which will have built-in security. This means you can also use 'tethering' (where your other devices such as laptops share your 3G/4G connection), or a wireless 'dongle' provided by your mobile network. You can also use Virtual Private Networks (VPNs), a technique that encrypts your data before it is sent across the Internet. If you're using third party VPNs, you'll need the technical ability to configure it yourself, and should only use VPNs provided by reputable service providers.
Now you’ve protected your smartphone and tablets, click here to move on to step 4 and learn ways you can password protect your data.
