Your Pocked Sized Security Threat

Posted on by

Smart Phone Security

You guessed it. I’m talking about those mobile phones that everyone has in their pockets.

How many people in your business have a company-issued phone or use their own to access company data like emails, client information, or documents? It is probably a high number, right? Your phone is a big risk to your data security as smishing attacks (they are the text message equivalent of a phishing email) increased 328% in 2020 and will probably significantly rise again this year.

The reason for the large increase is because they are a goldmine for cyber criminals. 98% of text messages are read and 45% are responded to. So a smishing text is likely to yield good results for criminals.

Once your phone is infected, malware can monitor your calls, SMS’s, emails and if your phone is connected to your business network, the infection may spread through your corporate data and even spread through the corporate network.

Malware aside, mobile devices are more prone to loss and theft, which could see them easily falling into the wrong hands.

So with all that in mind, what steps are you taking to keep phones protected from threats like cyber-attacks and data theft?

First and foremost, you need to educate your staff on the dangers that smart phones pose. Make sure they know how to spot a smishing attempt and not to click or respond to anything that raises a red flag. Encourage everyone to block any numbers sending bad texts.

If your people are in any doubt as to whether a message is genuine or not, ask them to clarify with their contact with a phone call. Do not respond to a message if there is any doubt over its authenticity!

Make sure that everyone uses multi-factor authentication on all their accounts and set up encryption and the ability to remotely wipe data a device in case it is lost or stolen.

Everyone in your business should also know exactly what they have to do if they have clicked on a potentially dangerous link, downloaded something they should not have, or lost a device. Create a protocol that details who needs to be informed and in what timeframe, the information that needs to be given and how it is escalated within the business. The sooner a potential breach is reported, the more can be done to quickly rectify the situation and protect your data.

As usual, if you need any further help or advise on keeping all of your devices safe and secure, please contact us.