Workplace Safety & Health Co. Inc. Blog

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Team Blogs
    Team Blogs Find your favorite team blogs here.
  • Login
    Login Login form
Subscribe to this list via RSS Blog posts tagged in mobile phones

In last month’s blog, we covered steps employers can take to help stop cyber security breaches, including using secure access points and installing updates across all devices and systems on a regular basis. But when it comes to cybersecurity and mobile phones, we must all take an active stance to protect our mobile devices and your company’s data.

In today’s world, our smartphones have so many advanced capabilities – just like our computers, and we check our emails and bank accounts, search the internet pretty much whenever we want, and our phones allow us to continuing working in many cases when we are not sitting at our office or business. The security, though, is usually not set up as strongly as it is on our work computers.

There are some steps you can do to protect your mobile phone:
• Consider the safety features when choosing your mobile phone – such things as file encryption, finding and wiping the data remotely, ability to delete known malicious apps remotely and authentication features such as device access passwords
• Configure the device to be more secure, including enabling the password feature that locks the device until the PIN or password is entered – or even a thumbprint or face scan! There may even be a feature that after 10 failed attempts to login, the phone is wiped clean
• Do not click on links sent in suspicious emails or text messages
• Use caution before posting your mobile phone number anywhere
• Be careful what information you want stored on your phone
• Do your research before selecting and installing apps, including “repackaged apps” that may seem like updates to your current apps – and keep in mind, your social networking apps may reveal more personal information than you know, including location, birthday, etc.
• Disable interfaces that are not currently in use, such as Bluetooth and WiFi – and while you are at it, set Bluetooth-enabled devices to non-discoverable, so it is not visible to other devices
• Avoid joining unknown WiFi networks and using public Wi-Fi hotspots as attackers have been known to create fake hotspots

If your mobile phone is stolen or lost, notify your mobile service provider. If it’s a company phone or you do business on your personal mobile phone, contact your company ASAP. They can usually revoke all credentials that were stored to keep your company’s information safe. And if need be, have the mobile phone company remotely delete all data on the phone.

Mobile phone cyber threats are definitely on the rise. A little bit of time and effort on your end keeping these steps in mind can help lessen the opportunity of attackers targeting you.

Even before the COVID era and remote working becoming so prevalent, many employees were using their mobile phones to access company email, networks or data. This “bring your own device” work culture is definitely a security risk to not only your employees, but to your company as well.

Smartphone security has not kept up with traditional computer security, and your employees may be vigilant when it comes to security breaches on their desktop or laptop, but we are all more distracted when it comes to our mobile devices as we quickly scan through emails, text multiple people and scroll through different social media, usually all at the same time. This makes our phones very attractive targets for scammers – tricking us into joining rogue Wi-Fi networks or tapping fake emails without even thinking.

A 2019 study on the mobile threat found that 57% of companies have experienced a mobile phishing incident. Phishing is the most common cyber threat, especially for companies. It is estimated that 9 out of 10 data breaches start with a phishing attack, and when we are on our smartphones, we tend to not pay as much attention to what we are clicking – plus the smaller screens make red flag less noticeable.

Making sure your company has a strong cyber security system and communicating the importance to your employees is a must nowadays. Here are a few strategies that everyone can incorporate today that can help keep your employees and your data safe, but even these are not 100% guaranteed:
• Use secure access points, such as virtual private networks (VPNs). These allow you to extend your private network across public Wi-Fi using encrypted virtual point-to-point connection, enabling and maintaining secure access to your company’s resources.
• Have your employees create a secure network for business transactions in their home offices. Most home routers allow for the creation of multiple networks, such as a home and guest connection. Adding a password protected network for work connections means your employees can keep their families’ personal devices separate from work devices.
• Make sure your company is installing updates across all devices and systems on a regular basis. Regular updates and patches ensure your systems are protected against known vulnerabilities.
• Always make sure your employees are using strong passwords and two-factor authentication across all devices and accounts. It cannot be stressed enough that passwords should be complex, meaning they should incorporate numbers and special characters and should not be the same ones used across multiple accounts. As a business, you may want to look into a password management software to help your team keep track of their passwords.
• Be vigilant when responding to emails, especially those with links and attachments. Remind your employees to never click on those links or attachments from an unknown sender – and even if the email seems to come from a trusted source, be sure they are looking closely at the email address or website URL. Inform your employees to make sure they let your IT department or contact know of any suspicious emails right away, as well as letting them know if there is a possibility of a breach.
• Install anti-malware and anti-virus software across all devices and networks, which will stop the majority of attacks.
• Make sure your company has a Cyber Response Plan in place and that all your employees are aware of this plan – and that everyone knows who to contact if they suspect a breach, both during work hours and after-hours.

Nowadays, cybersecurity is the responsibility of all your employees, but taking these steps to protect your business can alleviate many of the breaches from ever happening. In our next blog, we will discuss more specifically on what your employees can do to make sure their mobile devices are more secure, as well as what to do if their devices are stolen.

 

certifications 2020

American Society of Safety Professionals View Workplace Safety & Health Company, Inc. profile on Ariba Discovery
Go to top