You guessed it. I’m talking about phones.
How many people in your business have a company-issued phone, or use their own to access company data like emails, client information, or documents? It’s probably a high number, right?
And your phone is a big risk to your data security. Smishing attacks (that’s the text message equivalent of a phishing email) increased 328% in 2020 and will probably significantly rise again this year.
That’s because it’s a goldmine for cyber criminals. 98% of text messages are read and 45% are responded to. So a smishing text is likely to yield good results for crims.
Once your phone is infected, malware can monitor your calls and messages, download and delete your data, and if a phone is connected to your business network, the infection might even spread.
60% of interaction with corporate data happens via a mobile device.
Malware aside, mobile devices are more prone to loss and theft, which could see them easily falling into the wrong hands.
So with all that in mind, what steps are you taking to keep phones protected from threats like cyber-attacks and data theft?
First and foremost, you need to educate your people on the dangers that smart phones pose. Make sure they know how to spot a smishing attempt, and not to click or respond to anything that raises a red flag. Encourage everyone to block any numbers sending bad texts, and even consider installing a spam blocking app on all devices.
If your people are in any doubt as to whether a message is genuine or not, ask them to clarify with their contact with a phone call. Don’t respond to a message if there is any doubt over its authenticity!
Make sure that everyone uses multi-factor authentication or biometrics to unlock handsets. And set up encryption and the ability to remotely wipe data if a device be lost or stolen.
Everyone in your business should also know exactly what they have to do if they think they’ve tapped on a potentially dangerous link, downloaded something they shouldn’t have, or lost a device. Create a protocol that details who needs to be informed and in what timeframe, the information that needs to be given, and how it’s escalated. The sooner a potential breach is reported, the more can be done to quickly rectify the situation and protect your data.
As usual, if you need any further help or advise on keeping all of your devices safe and secure, give us a call.