Tech Talk with Jeramy Mercil, Enterprise Solutions Architect, Compliance Officer – Deerwood Technologies
When most people think of information technology and security, their cell phone isn’t the first thing that comes to mind. Everybody has a smart phone these days and little effort is put in to secure them. From a hackers point of view though, what better target! There is usually no antivirus or firewall. They are online and connected to the internet 24/7. In addition to all of that, they’re usually quite vulnerable as it takes so long to get a security update, that by the time it’s applied to your device, it’s already affected by a new set of vulnerabilities.
From a business owners point of view this could be a nightmare. With everything that people do on their phones (email, banking, games, pictures, web browsing, and social networking) there is no separation of work activities from personal activities. The permissions that you grant some of those games and funny little gadgets are sometimes quite startling. Whoever reads those security or legal notices anyways, right? Often you are giving these applications complete access to your phone and the network it connects to. So when you mix personal activities on a phone that has your business emails or corporate application, you’re exposing your phone and increasing the risk of being exploited.
What can I do to mitigate these risks? Throw your smartphone out the windows and go buy a dumb phone (one of those old style flip ones, with no internet access). No, I don’t see everyone devolving or starting to wear fashionable metal hats, but I do see people becoming more aware of the risk and actually taking action it. For starters make sure you lock screen pin and encrypt your SD card. After that I would get an antivirus and firewall app. For the extra paranoid user, install a log viewer app and see what your phone is doing.
That’s a good start, but what if you’re running a business and are managing 10’s, 100’s, or even 1000’s of devices. That’s where mobile device management (MDM) comes into play; by implementing an MDM solution you can force security features to be enabled or policies to be applied. You can remotely wipe a lost device or install a new company supported app for the mass of phones that you manage. Location tracking and remote log collection features could be enabled in more advanced systems. So whether you are ready to explore a full blown MDM environment or just want to learn more about ways to keep your or your staff’s mobile devices secure, take the next step and reach out to your Deerwood Technologies Account Executive for more information.