https://www.sikich.com

How Mobile Devices Put Your Business at Risk

Carl Miller

May 15 2019

3 min read

Statistically speaking, 53% of everyone reading this article is on a mobile device. A short 10 years ago, the average person didn’t even own a mobile device that was internet connected, and browsing websites from mobile devices was painful for those who did. Fast forward to today, just about every employee in your office probably has a smartphone sitting on their desk or in their pocket.

Mobile devices are great. Gone are the days of forgetting your appointments when you aren’t around your computer. You can now send out a quick email while waiting for the meeting to start. From a business perspective, most employees own their own devices so there is no overhead expense for your company.

The problem with this wonderful technology, is the limited amount of control your IT department has with it. Do the mobile devices your employees utilize have some sort of antivirus or malware protection? Are they encrypted? What happens to your company data that can be accessed from that device if it is lost or stolen? Does your subnet have enough space for your work equipment and everyone’s cell phones?

Fortunately, there are a few basic security steps each prudent company can take to protect themselves from the problems associated with mobile devices:

Setup guest wireless – This will make you look like a hero because you are providing free wireless to your employees! Obviously, that is not the reason this should be done, but it does help! The main reason you should utilize guest wireless is to segment devices you cannot control away from your servers and network. This helps your network run smoother, as there is less traffic in the corporate environment. It keeps your DHCP scope clean, because there are fewer devices per user. Most of all, it keeps infected devices away from your sensitive data!
Create an enforceable policy for mobile devices. That policy may be that devices must be encrypted and have the ability to be remotely wiped by your IT department in the event they are lost or stolen. Office 365 and newer versions of Exchange already have these abilities, and they are invaluable when you need them.
Consider a mobile device management (MDM) program – This typically is only needed for more complex, or very large environments, but it gives you a wide array of options for management, such as pushing down apps or configuring settings. If your mobile device policy includes “Each device must have X antivirus, that is provided and controlled by internal IT” then this is the way to go.
Educate and incentivize your users – Ultimately, your networks weakest link is your least security minded user. Make sure you educate all your mobile users regularly and keep them up to date on possible security concerns. Finally, providing incentives such as the guest wireless and even allowing them to expense part of their monthly cell phone bill can go a long way to convincing your users to go along with your plans!

Have any questions about mobile device security and how to protect your business? Please reach out to our security experts at any time!

This publication contains general information only and Sikich is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or any other professional advice or services. This publication is not a substitute for such professional advice or services, nor should you use it as a basis for any decision, action or omission that may affect you or your business. Before making any decision, taking any action or omitting an action that may affect you or your business, you should consult a qualified professional advisor. In addition, this publication may contain certain content generated by an artificial intelligence (AI) language model. You acknowledge that Sikich shall not be responsible for any loss sustained by you or any person who relies on this publication.

About the Author

Carl Miller

Carl Miller is a Senior Engineer on the Network Operations Center team. In addition to being a high end technical resource, he configures and manages the technology that automates tasks and prevents issues with our managed services and managed hosting clients. Carl has numerous industry certifications and over 20 years of experience in the IT industry.