How do you keep your data safe now that it is more mobile?

Mobile technology has advanced so much that devices as small as smartphones can perform computing tasks as well as any modern PC. We can send emails, work on documents, attend video conferences, and accomplish many other work-related tasks, thanks to the many apps now available for mobiles, tablets, and laptops.

Indeed, during the early stages of Toronto’s COVID-19 lockdown, office-based workers bought laptops in droves so that they could work remotely. However, the pandemic merely added to the demand for mobility — the trend toward work mobility was already well-established long before Canada had its first case of COVID-19.

While mobile devices do enable us to work anywhere, they also increase our data’s surface area of vulnerability. That is, instead of being kept inside company firewalls, more and more data is being accessed from and retained outside your network perimeter. This means that if a connected device is stolen or hijacked, unauthorized users could gain entry to your firewalled data and/or seize the data on the device.

With all of this in mind, how do you keep your data safe?

1. Implement cybersecurity protocols for mobile devices.

Whether you issue devices for your staff or let them use their own, here are a few steps you could take to secure the portable devices that your employees use for work:

• If your budget allows, provide hardware firewalls for home setups.

• Configure the security settings of mobile devices before use.

• Set up company user profiles in personal devices so that staff can more easily compartmentalize work and private life. Additionally, give IT admins monitoring and management permissions so that they can execute security protocols, such as remotely wiping a user profile if the device is reported missing.

• Limit company user profiles to email, app, and URL whitelists to help keep staff away from phishing emails, productivity-killing apps, and risky sites (e.g., file sharing sites that transmit malware).
• Tweak other miscellaneous settings that help improve data security (such as the device lock feature that automatically makes the device go to sleep if it’s been idle for a certain amount of time).

• Come up with a list of permitted devices that staff can use, and have a vetting process in place for personal devices.

• Install mobile device management software that allows you to separate company data from personal data as well as roll out security updates to all registered devices.

• Require identity authentication protocols on devices (as opposed to allowing users to open devices without having to at least enter a PIN code).
  Train your employees to:

• Keep to themselves and never leave their devices unattended when they're handling sensitive files in public spaces.
• Lock their devices when not in use (to prevent prying eyes from seeing what’s on their screens).
• Never insert suspicious USB devices such as unknown thumb drives into their laptops.
• Never use new devices straight out of the box without first running anti-malware software on them.
• Use wall adapters instead of USB chargers to charge USB devices when in public. This is to keep the devices from getting infected with malware.
• Store devices in the glove compartment or trunk if you have to leave them in a vehicle.
• Keep storage media (such as external hard drives) under lock and key when they’re not in use.

Related article: What can you do to make the mobile devices your employees use more secure?

2. Have a cybersecurity strategy for protecting your data, wherever it may be.

Not all data needs to be secured, so one cost-effective strategy you can implement is to identify the data you need to safeguard the most, then use cybersecurity solutions to protect it. You could:

• Provide corporate accounts (such as email accounts) to staff and never let them use their personal accounts for work.
• Implement multifactor authentication to secure access to corporate accounts.
• Use identity and access management software to execute zero trust protocols that limit access to only the data users need to accomplish their tasks.
• Use a virtual private network to encrypt unsecure connections.
• Use built-in or third-party encryption programs to encrypt individual files, volumes, or entire disks of sensitive data.

To have a better idea of what it takes to safeguard your data, download our FREE eBook on cybersecurity planning. Once you’re done reading it, schedule a consultation. Let our experts show you why businesses in Toronto and beyond rely on XBASE for Exponentially Better™ cybersecurity strategies and solutions to keep their data safe in this mobile-first world.