Defense in depth is the idea of building multiple layers of security, and it’s a generally accepted practice in the IT industry. However, mobile devices make this concept particularly difficult to implement and manage in the workplace.
This is because mobile devices don’t stay stationary behind your firewalls. Instead, they move with your employees, granting them access to data and applications via external internet connections. Unfortunately, this behavior exposes your data to additional risk and creates hard-to-avoid vulnerabilities.
While mobile access acts as a productivity enhancer, it can also mean increased security risks. Balancing the risk often starts with a new approach to data security. Here’s a good place to start.
1. Install anti-malware for mobile
Many of the same attacks that hit your existing firewalls also apply to mobile devices. While more and more companies are using a BYOD approach to mobile, that doesn’t mean you should adopt the same approach to security. Adopt an anti-malware policy that includes the appropriate software licenses, and work with employees to make sure their protections stay up to date.
2. Add encryption to your mobile communications
While some experts recommend the use of a VPN for remote data access, the basic requirements are encryption, management, and strong authentication procedures. If you can offer strong encryption and authentication procedures along with logging and management systems, you can choose your own method for remote access. VPNs seamlessly incorporate all of this, making them a one-stop option for remote security.
3. Take control of authentication procedures
With or without a VPN, strong authentication is a must. For the modern business, that usually means two-factor authentication. Many newer devices include biometric options. However, employees who use devices without fingerprint scanners or voice or facial recognition software can be held to the two-factor authentication requirement by adopting portable security tokens. The purpose of this is simple: ensuring that possession of the device doesn’t equal possession of the sensitive data employees can access.
4. Balance risks with company-controlled devices
When you own the mobile device issued to your employees, you can block the use of third-party software that may present a risk to your data. You can also limit access to software that might impact employee productivity. After all, you want your workers finishing their daily targets, not spending hours on Facebook.
When you adopt a BYOD policy, you don’t have as much control over what goes on the device and how it gets used. That means a VPN is a more important part of your security stack. With a VPN, none of your data is stored locally on the device. As soon as the remote session is over, access to the data is also over.
5. Limit data access
Not all data needs to be available on mobile. Before giving your employees access, consider what information they actually need to access on the go. If they don’t need instant access, don’t offer it.
Audit your security for added peace of mind
The only way to see your mobile data security in action is to perform regular tests. You’ll likely want to work with a third party for your security audits. If you do discover potential vulnerabilities, your security partner will provide you with remediation options and ways to close the gaps.