In this mobile-first world, more and more businesses are encouraging their employees to access company data on their own personal phones. And why not? It saves time, money and thought. With all your data and apps stored in the cloud, you can access them on any device, at any time. There’s no reason to carry a second phone just for work.
However, as with any convenient solution, there are risks involved too. When someone accesses your business’s data on a device you don’t directly control, there’s always a danger that hackers or cybercriminals will find a way in. Here are three very scary questions every business owner should ask before they decide to take this step.
What if someone loses their phone, or it gets stolen?
A lost or stolen phone is a pain at the best of times. But if your business’s data is on the missing device, it’s a potential security nightmare. You need to ask whether a stranger could easily unlock the phone and access the apps installed on it. You also need to know what you can do with your data in this situation. Can you encrypt it? Delete it remotely? These factors make the difference between “annoying inconvenience” and “outright disaster”.
What if there’s a phishing attack?
Many people believe that a phone can’t be hacked like a computer can, but this isn’t true. One major security risk is phishing: when cyber-criminals send a fake email that looks like it’s from a real company. These emails can contain a link directing the user to enter their sensitive information into a spoofed login page – or a download that installs malware on the user’s phone. Phishing emails can look very convincing, and it’s easy to click on one without thinking while you’re scrolling on your phone. Even the savviest person can be caught out. You need to make sure that your data is safe if this happens.
What if someone leaves the company?
Every workplace has some staff turnover. If an employee leaves, you need to be sure they can’t keep accessing your business’s data, ideas and apps once they’ve moved to another company. It should seem obvious, but this is amazingly easy to forget. Plenty of managers and business owners do!
Mobile phone security should be an integral part of your overall IT security plan. Everyone who works with you should be familiar and up to date with the plan. They should know exactly what to do if they suspect something’s wrong – whether it’s a lost device, a cybersecurity breach, or unauthorised access to company data. It’s important to address these issues right at the beginning to avoid a dangerous and costly mistake later on.
A reliable and expert IT security partner (like us!) is your best ally. We can help you work out a strategy and deliver support and training to make sure it’s fully implemented. If you’d like to talk, just get in touch.