Cyber criminals are becoming big believers in “smaller is better.” As cyber-crime grows more sophisticated, it's shifting focus from servers in large enterprises to a much smaller target: mobile devices in small- and medium-sized businesses. In 2014, 60 percent of all targeted attacks struck small- and medium-sized organizations [1], with a new mobile malware piece becoming available every 17.6 seconds on Android™ devices. [2]
The reason? Cyber criminals have realized that many smaller organizations don't have the time or resources to adequately protect their devices, especially the many smartphones, tablets, and 2-in-1s that BYOD policies have brought into the workplace.
So what's a cost-conscious business to do? Combined with well-tested strategies, a number of new tools exist that can help keep your devices secure—without busting your budget. Here are our top 6 tips for improving your mobile security.
1. Restrict device access
On average, individuals store around $37,438 in digital assets on their devices, including digital media, professional information, and personal correspondence and photos.[3] While passwords and PINs are important first defenses against unauthorized access to those digital assets, many users fail to use secure passwords and PINs, opting instead for something easy to remember—and easy to hack.
Biometric login and password saving can help increase security while also making access easier by eliminating the need to remember complicated passwords or logins for every program you use throughout the workday. The Windows 10 operating system (OS) now offers built-in biometric support when used with compatible
tablets. Find out more about Windows Hello for biometric logins
here, and Microsoft Passport for password saving
here.2. Use encryption
Mobile devices are very convenient… until you lose them. Users are 15 times more likely to lose a mobile phone than a notebook PC[4], making data loss a big threat to businesses of any size. And while passwords can keep unauthorized users at bay for a time, they don't always stand up to persistent attacks. A more robust solution is to enable full-disk encryption, so that everything on the device remains protected even if the device itself is lost.
There are a number of free options available to enable encryption on your compatible mobile devices. On
HP business-class tablets and notebooks, open the included HP ProtectTools Security Manager and click on Drive Encryption to be guided through the process. On Windows 10 Pro and Enterprise editions5, included BitLocker software can be used with devices that have a Trusted Platform Module (TPM,) such as
HP ElitePads. Find out more about BitLocker
here.
3. Always use secure services
As convenient as it is to use cloud services like Dropbox and Google Mail at work, it's important to note that many of these services were never meant to meet business security standards. Even so, a full 87% of senior managers admit to regularly uploading proprietary work files to a personal email or cloud account.[6] Using these personal services for business data can have serious consequences, with the average total cost of a cloud data breach increasing 23% over the past two years to $3.79 million. [7]
The easiest way to stay safe is to not use these services at all—but that policy can be difficult to enforce at work. Fortunately, options are available to make policy enforcement easier. Windows Device Guard in Windows 10 Enterprise Edition[8] can restrict users to trusted applications (find out more about it
here), while
HP Touchpoint Manager can manage curated bundles of mobile applications from Apple App and Google Play stores to help manage user activity.
4. Enforce security standards
For small- and medium-sized business, mobile device attacks increased 26% and 30%, respectively, in 2014.[1] With cyber-attacks on the rise, smart businesses can't rely on ad-hoc standards. They need to ensure those standards are being implemented by every employee in order to stay secure.
Enterprise Data Protection (EDP) in Windows 10 lets you block, allow overrides, or audit your employees' data sharing actions, and separate business and private data on the device (find out more about EDP
here). If you need to monitor more than just Windows 10 devices, HP Touchpoint Manager[9] allows you to apply policies around passwords, firewalls, and antivirus software to groups of users and/or devices across multiple operating systems.
5. Keep your systems updated
2014 had an all-time high of 24 discovered zero-day vulnerabilities (security holes that were exploited by hackers before they were discovered by device makers or antivirus developers). [1] To stay on top of these increasingly sophisticated—and determined—hackers, systems and software on your mobile devices need to be as up-to-date as possible at all times.
One key method for staying up-to-date is ensuring users have enabled automatic software updates, which Windows 10 now requires. HP Touchpoint Manager can also check the status of firewalls and antivirus software on your organization's devices, and enable them on unprotected systems remotely to quickly maximize protection.
6. Train your staff (and yourself)
Symantec notes that, in 2014, 70% of social media scams were shared not through infected systems, but manually by users who'd been fooled into spreading the scams themselves.[1] To keep your workplace and mobile devices secure, your employees should be educated on how to spot an online scam. Always be wary of free offers for gadgets, gift cards, and airline tickets or for invitations to join dating and webcam sites. And remember that if you are asked to fill out a survey or sign up for a service using a credit card in order to get the free gift or service, you are most likely being scammed.[1]
While new security tools like those included in Windows 10 and HP Touchpoint Manager can make protecting your company's mobile devices easier, ultimately they're no substitute for a well-informed workforce. Employees need to know that security is now as much an issue in the mobile space as it is on their PCs and notebooks. Implement the tips above to help keep yourself, your business partners, and your customers safe.
[1] Symantec, Internet Security Threat Report Volume 20, April 2015.
[2] G DATA, Mobile Malware Report, Q1 2015.
[3] McAfee, Digital Assets Survey, 2011.
[4] McAfee, 10 Quick Tips to Mobile Security, 2012.
[5] Not all features are available in all editions or versions of Windows. Systems may require upgraded and/or separately purchased hardware, drivers, software or BIOS update to take full advantage of Windows functionality. Windows 10 is automatically updated, which is always enabled. ISP fees may apply and additional requirements may apply over time for updates. See http://www.microsoft.com.
[6] Stroz Friedberg, On The Pulse: Information Security Risk in American Business, 2013.
[7] Ponemon Institute, 2015 Cost of Data Breach Study: Global Analysis.
[8] Windows 10 Enterprise and Device Guard are only available for installation through HP Custom Integration Services to enterprise customers with a volume license to use Windows 10 Enterprise and requires TPM 2.0. Device Guard is not available with Windows 10 Pro.
[9] HP Touchpoint Manager requires purchase of a subscription and supports Android™, iOS and Windows 7 or higher operating systems and PCs, notebooks, tablets and smartphones from various manufacturers. Not available in all countries see www.hp.com/touchpoint for availability information.
Windows is either a registered trademark or trademark of Microsoft Corporation in the United States and/or other countries.