Get in touch with us
We at accompio will be happy to help you.
27.11.2023
With the digitisation of the world of work, the number of employees working „remotely“, i.e. on the go or from home, is growing. The IT security of mobile devices, such as laptops, tablets and smartphones, in everyday working life is therefore becoming increasingly important for companies and their employees. While classically fixed desktop computer workstations are primarily exposed to external threats, such as ransomware or phishing, they offer [...]
Due to the digitalisation of the working world, the number of employees working „remotely“, meaning whilst travelling or from home, is growing. The IT security of mobile devices, such as laptops, tablets, and smartphones, in everyday working life is therefore becoming increasingly important for companies and their employees.
While classically secured desktop computers are primarily exposed to external threats such as ransomware or phishing, mobile devices that leave the secure corporate network offer a significantly larger attack surface – and not just for cybercriminals. When using portable work devices, employers need to be aware of the physical dangers in addition to virtual threats. The administrative effort required to consistently ensure corporate security thus increases considerably.
Remote working undoubtedly reflects our digital age, but it harbours significant data integrity security risks that must be avoided. It therefore becomes all the more important to develop an IT strategy for mobile IT security that takes the following factors and preventive IT security measures into account:
#1 – Data loss due to theft
Unlike immobile desktop computers, mobile devices are carried everywhere. In principle, work equipment should never be left unattended and should always be transported securely. Nevertheless, managing directors are responsible for training their employees on how to behave in the event of theft to prevent the loss of sensitive company data. Security measures include regularly backing up data in an encrypted cloud, as well as using strong passwords, PINs, and two-factor authentication to prevent access to the device and data. Activating GPS services can also be helpful in locating and recovering a stolen device after it has been purloined.
#2 – Foreign Glances Jeopardise Data Protection
A mostly invisible danger to data protection is the gaze of strangers on device screens. The unauthorised viewing of confidential company data represents a major IT security risk, as strangers with presumably malicious intent can unknowingly pass on the seen information to third parties. Good protection against this is a privacy screen protector that is applied to the display and only allows a direct frontal view. In crowded places, you and your employees should still switch off your mobile devices if possible.
#3 – Threat from Public Networks
Employees who want to work while travelling are dependent on a network connection to access the internet on portable devices. The use of free public Wi-Fi networks at railway stations, cafés or hotels is therefore very tempting. However, as these Wi-Fi networks are usually not adequately secured, they offer an IT security vulnerability, allowing malware to infiltrate the devices. Bring-your-own-device (BYOD) devices in particular pose a threat to the internal company network. The risk of man-in-the-middle (MitM) attacks, in which data traffic is intercepted by third parties and confidential information is stolen, also increases when using public networks. It is therefore advisable to set up a virtual private network (VPN) and install anti-malware software. In addition, employees should be sensitised to wait until they are connected to a secure WLAN hotspot before transferring confidential data while on the move.
#4 – outdated operating systems
Manufacturers always strive to keep their operating systems and apps up-to-date with regular system updates and security patches to close any IT security vulnerabilities discovered and to proactively counter future IT security risks. Companies should administratively install the latest operating systems on all devices and inform their employees when new system versions become available. Furthermore, it is advisable to activate „automatic updates“ on mobile devices so that vulnerabilities are fixed early and updates are installed independently.
#5 – Applications & App Permissions
Unlike desktop computers, employers cannot control or block the installation of new programmes on mobile and especially BYOD devices. Third-party apps that are downloaded without authorisation often pose several threats to the mobile security chain. The best-known danger is malware. In addition, unrestricted app authorisations can lead to sensitive data being passed on to third parties and processed. Excessive app permissions give applications access to functions such as camera, microphone and location data, which can lead to additional information being passed on to untrustworthy third parties. It is advisable for employers to create guidelines that employees must adhere to when using portable devices and apps so that the IT security of the devices is not jeopardised. These guidelines can include the obligation to install anti-malware software, regular checks and potential deactivation of application authorisations, as well as a reminder to only download work-related applications.
Mobile devices are now an indispensable part of our lives, as they make working while travelling or from home simpler and even more convenient. It is therefore all the more important to sufficiently educate employees about the dangers and risks of using such devices, in order to ensure mobile IT security and protect company data.
Arrange an initial consultation
