In warfare, the larger an area is, the harder it is to defend. The same logic applies to cybersecurity: as you increase accessibility to your data, protecting that data becomes more difficult. Beyond desktops that remain in your office, now you have laptops and smartphones to worry about, too.
While mobile technology is a godsend for Kansas companies that are implementing remote work policies, it also presents two cybersecurity challenges. Firstly, mobile devices are portable access points to your data and systems. If criminals manage to steal or hack into your employee’s device, they’ll run amok in your network like a fox in a henhouse.
Secondly, users tend to store company files in their devices, so when a device gets stolen, that would practically mean that the files are stolen, too. In either case, the value of the stolen equipment would be dwarfed by the value of your vulnerable data.
To help you keep your data safe in a mobile-first world, follow these tips:
- Implement a zero-trust policy
- Don’t let staff use their personal accounts for work — provide them with company accounts
- Require the use of strong, unique passwords and multifactor authentication (MFA)
- As much as possible, don’t store files in portable devices
- Clean portable storage media before using them
- When charging your portable devices, plug them into wall sockets instead of USB ports
- Use a VPN
With your virtual perimeter ever wider thanks to all the devices accessing your network, your network is more likely to be infiltrated. This is because the firewalls and anti-malware programs along your perimeter are signature-based. That is, if a threat’s signature is yet unknown, then it’s likely to pass through undetected.
A zero-trust policy assumes that that is already the case. A data audit is performed to identify the data that needs the most protection, and micro-perimeters are built around it. At these borders, the principle of least privilege is applied — access is only granted to staff who need it to accomplish their tasks.
Not only will this help prevent mix-ups (such as missending emails containing sensitive company information), but this will also grant IT admins greater control over your data.
People may groan at this, but you need to impress upon your staff that the little extra effort they expend saves the company a lot of grief that would be caused by data breaches. Have them use company-approved password managers and MFA apps to make their lives a little easier.
Store files in the cloud instead. However, accessing the cloud necessitates an internet connection, so staff who are working offline would have to save files in storage media (such as the device they use for work or a USB thumb drive). If this is the case, have them use a program like WinZip to encrypt their files before storing these in their machines. And once they’re done with the files, they must take the files out of their devices by deleting them or moving them to the cloud or to on-premises storage.
Sharing USB keys can also mean sharing the malware they contain, so it’s good practice to scan these with antivirus software before using them. Note that even newly bought media could contain malware, so clean those before using them as well.
This practice reduces the risk of malware transfer.
Staff who use public Wi-Fi are vulnerable to man-in-the-middle (MiTM) attacks wherein hackers may intercept the connection and either steal data or manipulate the exchange of data between your network and the user’s device. A VPN encrypts the data exchange so that all the MiTM attack gets is a meaningless jumble of letters and numbers.
Vigilance across your entire organization is key to thwarting data breaches via mobile devices. To receive help in keeping your data safe, consult with Umbrella today.