Little things mean a lot when facing off against cybercriminals. Even if you have excellent security tools in place, hackers can chisel their way through tiny cracks arising as a result of employee carelessness or general lack of awareness. The only way to stop employees from letting these “little things” slip through and cause big data breaches is through training. Cyberdefense training needs to crisscross the company, too, so everyone from the CEO to the front desk clerk understands the risks and knows how to avoid them.
Here are some items you should build into your smartphone security and IT protection training programs to fully educate your users and clear up all those little things:
5 ways to boost your smartphone security
Roughly three-quarters of Americans have smartphones, and many employees use them when conducting company business. You should aim to balance productivity with security by advising employees of company protocols to safeguard data transmissions, which can include the following actions:
- Lock smartphones to protect sensitive information should the phones be lost, stolen, or left unattended.
- Set passwords with at least six digits. These are harder to crack when hackers try to break in using brute force (e.g., tapping in random keys until they hit the right sequence), and they will be locked out of the device after a few tries.
- Use facial recognition scanners, if available. WIRED hired a Hollywood face-caster and makeup artist and spent thousands of dollars trying to crack Apple’s Face ID security feature—and failed.
- Limit the number of apps allowed on employee devices. The more lines of code on a smartphone, the greater the risk of a security bug.
- Be proactive and install software updates as soon as they’re available. No user enjoys updating for security patches—and hackers know this fact. They will often exploit vulnerabilities that have already been patched; it’s less work on their part, and chance are, one user was too lazy to download the update. It only takes one weak link to bring down a business.
Ramp up your mobile device IT protection
Security teams are in a battle of wits against increasingly cunning cybercriminals, and with a growing attack surface to defend, it’s more important than ever to teach your employees about stronger mobile device security to reduce your organization’s risk of a data breach.
Allowing employees to bring their own devices to the workplace can make life easier for workers and increase productivity, but traditional security measures are hard to put in place to protect data on these unmanaged devices. To combat this fact, develop some comprehensive bring your own device (BYOD) policies with your IT team, and give your employees clear direction about what they can bring into the office and install on their BYOD devices. This should also extend to the apps they download to their devices and their permissions to access company data while on the go.
Speaking of being on the go: sales reps, execs, and other employees who are often on the move may access their mobile devices in coffee shops, cafes, or airports. Make sure you warn these employees that public Wi-Fi and wireless networks are seldom secure—anyone who understands how hot spots work could see what your employees are doing on their devices and potentially steal sensitive information.
Watch out for your other endpoints, too
Smartphones and mobile devices aren’t the only endpoint devices at risk—make sure you’re keeping an eye on every device connected to your network. Printers, for instance, are a common entry point for hackers, primarily because many companies don’t recognize unsecured printers’ hidden risks.
Understanding the vulnerabilities of unsecured printers will help you prevent the loss of valuable company data. You can take a printer security self-assessment to determine if your printers are vulnerable to attack and then defend your network with printers that are always on guard. Such printers can detect attacks, prevent them, and even self-heal automatically if a hacker gets in.
Incorporating these little things into your training can significantly cut the odds of cybercriminals infiltrating your business. If you get your whole team to pay attention to smartphone security and other endpoint device security, you’ll fill in the cracks hackers would otherwise have used to access your network.