Skip to main content
Technology

How to protect your business on a mobile device

63771-39762e3d

Mobile devices offer small businesses a variety of conveniences, including the ability to stay connected with staff, accept customer payments and manage operations from anywhere. But with increased access comes an increased importance to ensuring your business-related information, and that of your employees and customers, remains safe and secure. Here are a few simple ways to protect your business on a mobile device:

Be mindful of your Wi-Fi connection. Though mobile devices can enhance your ability to “multitask” and transform any down time your day presents with an opportunity to catch up on business, not all Wi-Fi connections are created equal. Be particularly mindful of not accessing sensitive business data on your mobile device when the only option is a public Wi-Fi “hot spot” like those offered in airports, libraries and coffee shops. Wait to find a secure Wi-Fi connection that requires a password before accessing bank accounts, bookkeeping and payroll software or customer payments. The added layer of protection is an important part of ensuring you don’t expose your business or customers to unnecessary risk in the name of convenience.

Define what devices access your business data. Survey data collected byGartner research indicates that as many as 40 percent of employees now use their personal mobile devices to conduct work-related business. Though allowing employees to use mobile devices for business can ease the investment made into desktop devices, and potentially improves productivity by allowing employees to stay connected to business despite their physical location — it also requires security standards in the form of a “Bring Your Own Device” (BYOD) workplace policy. Start by identifying why you’re allowing mobile devices into your workplace, whether to manage costs, improve workplace flexibility, or enhance your customer experience in terms of expedited and reduced wait times at the point of sale via mobile payments. Once you’ve outlined your objectives, identify what kinds of mobile devices will deliver on your objectives, along with those that are not allowed, given the types of data that your business handles and the level of risk it absorbs as a result. If you feel Apple products are more secure than Windows-based devices, for example, state that mandate in your policy, along with parameters for “Acceptable Use” on such devices. If you invite employees to share in social media updates or a company blog but don’t want them doing so from their phone, for example, outline such standards in the policy.

Designate a technology expert to manage mobile protocol. Task a dedicated technology expert, whether an internal employee or third-party security resource to ensure that your company has proper security protocols in place, including working firewalls and spam and malware filters. Ensure that any cloud-based data that might be accessed from a mobile device uses log-in authentication and password requirements that are updated appropriately, including mandated password changes that occur every few months. According to recent data released by SplashData the two most common passwords in 2013 and 2014 are “123456” and “password.” Maintain security training with employees for continued education regarding mobile security threats and protection measures. For example, though there are more than one million apps now available on the Apple store, not all are legitimate. If employees must download an app onto their device to do business, ensure that your IT resource is involved in the process and that the download derives from a reliable source (like the issuing company’s website).

Have a plan of attack. Protecting your business on a mobile device also requires your preparedness in the event of a breach. Consider “worst case scenarios” such as how you would go about “locking” a mobile device remotely if it is lost or stolen. Additionally, educate yourself and your team on how to quickly change passwords for sensitive data from a desktop computer that may be accessed on a mobile web browser (and thus, retrievable in its history).