Mobile security is a hot topic at the moment, and for good reason. According to a recent Experian survey, small businesses are more likely to fall victim to hackers than large, established companies. They tend to see themselves as less attractive than a big corporation and rarely operate with a dedicated, professional IT team – and as a result, they spend less time and money making sure their data and systems are hacking-proof.
While the term ‘hacker’ tends to conjure up images of computers, almost any system can be vulnerable: from your smart TV to your company’s servers, and, of course, your smartphone. As a small business owner or employee, it is essential that you are aware of the risks – and that you know how to keep your mobile phone and the data stored on it safe.
Everyone knows the words ‘hacking’, ‘virus’, and ‘data breach’. But what exactly goes on when your smartphone is under attack? There are many different ways for someone to access confidential information, and one of the biggest menaces is a social engineering technique known as phishing.
In order to phish, a hacker will discreetly ask questions through e-mail surveys or over-the-phone questionnaires in order to find out personal details about you. In a professional environment, passwords are very valuable commodities: if your password has some sort of personal affiliation, a hacker may be able to deduce what it is by phishing out your personal details (town of birth, mother’s maiden name, etc.) You may think that using a random password generator is enough to keep you safe from phishing – however, most password systems have backup authentication questions that will still require personal information to answer.
What about viruses, then? Viruses come under the category of malware, also known as ‘malicious content’. Basically, malware is a form of software (malicious + software = malware) designed to damage or corrupt a system it invades. While the terms are often used interchangeably, not all malware is a virus! Different forms of malicious software exist.
Sometimes, all a hacker needs to infiltrate a phone is the owner’s number. Once they have it, they can send a text message and attempt to coerce the user into clicking on a link which can then send malware onto the phone. If the hacker is targeting a business, Trojans are especially useful, as they can access the information on the handset undetected.
If an employee of a small business has their mobile phone compromised, it could prove very difficult to find the attacker. Because smartphones can be used as a ‘pivot point’ for the hacker to store all their stolen data on, everything would point to the phone’s owner as the culprit – even if they’re completely innocent.
Because more and more people are working on-the-go on their smartphones, they need to make sure they access company data securely, especially if they’re using their personal devices. (But even company smartphones need to be properly protected!)
Business owners have a duty to assist their staff with cyber security if they don’t have a dedicated IT department, and implement security policies such as banning employees from accessing corporate data using a public Wi-Fi network. (62% of employers have already done this. It might be worth doing the same if you haven’t.)
The two most important types of data to keep private are financial and customer information – financial goes without saying, but while having customer data stolen might not directly hurt your business, it will still have some very grave consequences. A 2016 EU directive – the Article 29 Working Party on Data Protection – asserts that businesses must have measures in place to protect themselves data breaches.
Article 29 states: “common EU rules have been established to ensure that your personal data enjoys a high standard of protection everywhere in the EU. You have the right to complain and obtain redress if your data is misused anywhere within the EU.” This means that any business that loses their customers’ personal data is accountable; should regulators find a business guilty of losing customer information, the business could face a fine of up to 4% of their annual turnover. For small and large businesses alike, this would be a devastating loss of revenue.
Even if no financial losses occur, losing your customers’ trust will be extremely damaging. It’s important that you keep their details as safe as possible.
First, choose your device carefully. Most top-range manufacturers, such as Samsung and BlackBerry, are aware of the demand for secure smartphones and are known for their impressive security features. But it’s also important to know the risks so you can avoid them. Some best practices you and any of your employees can follow are:
Obviously, this list is non-exhaustive, but it should give you enough to get started with cyber security.
Call our team of experts on 0333 996 0029 or email [email protected]
Don’t wait. Contact us today for more information. Email us now at: [email protected]