The increasing use of mobile devices in our personal lives has led to a growing acceptance of smartphone usage at work. As a result, the boundaries between our private and our employer’s digital domains have become blurred and we need to ask: Is working on your smartphone a risk or cybersecure?
While a few employers are reluctant about working on personal smartphones, for many industries it has become normal for employees to be responsive online, answering calls and emails through their mobile devices. And, while the positives and negatives of this can be debated, it can’t be denied that this has created a secondary issue; a rise in cybercrime targeting mobile devices at work.
USE OF MOBILE DEVICES FOR BUSINESS
It is well-known that mobile devices have become far more common in the work environment over recent years. Once considered a no-no in the workplace, mobile devices are now extremely common. In fact, 87% of companies say that they expect staff to use personal devices for work purposes.
There are significant positives from this perspective too, as 75% of employees say that using their smartphone makes them more productive at work. It can be easy to understand how this can feel like a win-win scenario. Companies want them to be used, and employees want to use them. However, businesses need to be aware of the greater exposure to cybersecurity attacks this presents, an important fact that is often overlooked. At this point we can say working on your smartphone is a risk.
MOBILES NEED PROTECTIVE MEASURES
Employees that use computers at work are generally protected by a range of cybersecurity measures. Smaller businesses and those less security orientated will almost always still have measures such as a firewall and anti-virus software that runs across all the machines in the system. Larger and more advanced businesses might also have cybersecurity software for their computer systems.
However, what these services all have in common is that they do not provide protection for personal devices, smartphones or regular mobile internet use which must also be a consideration. Remember, smartphones that are not considered a part of the company IT infrastructure may still be able to access and leak sensitive company information, but lack these powerful cybersecurity measures to keep them safe.
What your business can do.
- Create a mobile device policy and establish a formal code of conduct so that staff understand, and are fully aware of the current cyber threats and their company’s vulnerabilities.
- Staff need to take responsibility for their own mobile phone cybersecurity.
- Teach them how to keep devices secure by using strong passwords and antivirus software.
MOBILE MALWARE ATTACKS ARE ON THE INCREASE
Once something becomes common, you can be sure that cybercriminals will look for ways to exploit it. This has certainly been the case with regards to the use of mobile devices within a business setting.
Malware has become increasingly common on mobiles and can be extremely troublesome, not least because it can actually stay on a device for a very long time without being noticed. This means that cybercriminals can breach a system and steal data for a significant period after malware has been implanted on the device.
REDUCE THE RISK OF WORKING FROM HOME
Since COVID-19 pandemic, there has been a huge rise in the number of people working from home. That’s been very good news from a number of perspectives; productivity and staff morale have gone in a positive direction. But from a cybersecurity perspective, home working is something of a challenge.
It is common for private computers to have reasonable cybersecurity measures, but actually relatively rare for mobile devices. This means that if more people are working at home and using mobile devices, they are potentially causing cybersecurity issues for the business they work for.
ENDPOINTS ARE A MAJOR TARGET
While businesses can be targeted in many different ways, there has been a significant rise in the specific targeting of endpoints. If cybercriminals are able to gain access to an endpoint – such as a mobile device – they can get into the system as a whole.
Mobile devices have an important role to play for businesses, they are liked by employees, and it is clear that they have naturally become important to how companies operate. But as they pose a cybersecurity risk, more has to be done to integrate a more holistic cybersecurity policy that puts a greater emphasis on ensuring mobile devices are secured in the same way as other machines utilizing the system.
