Smartphones have become like an extra limb for a huge majority of us – particularly the younger generation. They are often the first thing we check in the morning and the last thing we look at at night. It is quite shocking to think about the amount of information we store in our phones, and we don’t just mean phone numbers and texts. We access our bank accounts, buy and sell items, access social media, store documents and appointments. They can tell others where we are and track our web access. When used at work, they can access business networks, emails, and store private data. When put into black and white, it is easy to see why smartphones are such a temptation for hackers.
Smartphone security – An individual issue
Just as with PCs and laptops, it is up to the user to ensure smartphones are secure. This is despite the updates that iPhone and Android automatically provide. A report by the Telegraph points out that “all of the top 100 paid-for Android apps and 56% of the top 100 paid-for Apple iOS apps have been hacked.” It is important to remember that while technology companies can develop and adapt to new threats, hackers also develop new ways to get into devices. These hackers can break into a device in 30 seconds with the right equipment, and the right equipment is becoming much easier to acquire.
Using a smartphone at work
The risks of using smartphones at work are high, particularly if they are being used for work tasks, rather than just being used to check personal emails or make personal calls. Whereas company computers are under close scrutiny with regards to security, employees’ phone security is their own responsibility. Smartphones are at a much higher risk of being infected by spyware or malware, and to add a new one to the list, ransomware. Last year alone, 29 NHS trusts were targeted by ransomware. This higher risk is due to the fact that we are able to download numerous different apps, all of which pose a new risk to our devices, and all of which gather new information about the user and the networks they are connected to.
Employees who use their smartphones for work tasks – storing information, numbers, emails and texts from work colleagues – are risking having this information stolen either through hacking or through physical loss of the device. It is imperative that businesses understand the risks of portable personal devices and implement an effective smartphone security policy. For instance, if a personal device is lost or stolen, IT departments are not able to wipe information the way they are able to with company-owned devices. Such access to personal devices is unrealistic, but businesses need to consider their options in reducing the risks posed.
Connecting to a business network
Allowing employees to connect to an open wifi network is a particularly high risk situation. It can give hackers the opportunity to access networks, exploiting weaknesses in security. Use of an insecure device, whether it’s a smartphone or a tablet, can act as a gateway to company information.
There are, however, ways to counteract the effects of using personal devices in the workplace. IT departments are able to put in place strict regulations with regards to security of portable devices and usage of such devices when utilising business networks and wifi systems. Businesses can also enforce strict usage policies, all of which should be included in an employee handbook and regularly reviewed. If such guidelines are followed then smartphones become a highly useful tool within the workplace, rather than a high-level cyber security risk.
Our experts can offer advice on implementing a smartphone security policy, so get in touch today if you have any concerns regarding the use of smartphones in the workplace.