Farmington Hills: (248) 286-1166
Theft or Loss
It only takes a moment of distraction for a thief to pocket a mobile device or for the owner to leave it behind in an airport or coffee shop. Make sure employees have their mobile devices set to lock after a period of inactivity and have a policy in your company handbook to report missing or stolen devices immediately to the company.
Social Engineering or Phishing Schemes
Train employees never to open unexpected files, and never to respond to an email asking for sensitive information such as passwords or account numbers. Remind them to hover over a link sent in an email and look closely at the domain name to verify it is the correct site, not an imposter with a similar name.
Malware
Malicious mobile apps are a rising threat. iOS and Android stores’ apps are more carefully scrutinized, but third-party app stores and shady websites have all sorts of dangerous wares. Once installed on a mobile device, malware can steal money, exfiltrate data, or worse. Mobile malware protection and a list of company-approved applications can help prevent potential infection.
Weak Passwords
Pins and passwords must be required to access a smartphone or laptop, but even stronger passwords should be required to access the company network and data. Passwords should be complex, consisting of 8-12 characters, including upper and lower case letters, numbers and special characters.
Employee Risk
It is an act of trust to give sensitive information to staff. If something is truly sensitive, it should be well-monitored and controlled. Access should be given to only those who need it, only when they need it. The way devices are tracked should be scrutinized, and data transfers should be restricted.
Note: This article, written by Safety Net’s Principal Kevin Bozung, was featured in Traverse City Business News (TCBN)’s August 2016 issue.
