It may seem like big corporations are more vulnerable to mobile security threats because they often catch the attention of mainstream media, but that's simply not the case. Because many business owners buy into that philosophy, small and medium-sized businesses are more often the main targets of cyber-attacks due to their lack of protection on their devices.
Trend Micro predicts that 2014 will bring one major data breach each month. Similar to previous attacks against SMBs, cybercriminals will continue focusing on gaining access to companies' online banking accounts, but other corporate data, like research, is also at risk. Hackers also target SMBs because they see them as gateways to larger companies and/or consumer data.
Related: How Secure Are You Really?
It's estimated that cyber criminals are stealing as much as $1 billion a year from SMBs in the United States and Europe (Tweet This!). It is more important than ever that small to medium-sized businesses have the resources to protect themselves against security threats, whether through a data breach or leakage, or due to lost laptops or mobile devices.
No business operates without an employee code of conduct, and the same should apply to a mobile device policy. Don't wait until it's too late to put one in place. Here are recommendations for small and medium-sized businesses to consider when implementing a mobile security policy:
Basic dos and don'ts
Every business is different, so decide what protocols are appropriate for your business. Basic guidelines include:
- Requiring device passcodes
- Installing a data protection solution
Basic guidelines don't allow:
- Downloading third-party apps
- Conducting company business while using public Wi-Fi
- Connecting to the server using personal devices
Your best defense is software that stops threats before they reach your business infrastructure.
Promote best practices
The top reasons cited for data loss involved employee behavior. Educating your employees on mobile security is your best defense. Simple ways employees can implement best mobile practices include:
- Never share passwords
- Use different passwords for different accounts -- and change them frequently
- Be aware of phishing attempts -- think before you click
- Avoid downloading risky files like games and toolbars
Don't be caught off guard
Unfortunately, it's likely that, at some point, your business will experience some type of mobile data loss. It's best to have a plan in place so you're prepared to react.
- Install data loss prevention (DLP) software on all mobile devices
- Remind employees that it is imperative that they report any lost or stolen devices immediately
- When a device is lost or stolen, activate the DLP software to lock or wipe the device
In 2014, mobile technology is necessary for businesses to operate efficiently, but like all technology, it comes with risks. Protect your small business with mobile security software.
JD Sherry is Vice President of Technology and Solutions for Trend Micro. He is responsible for providing guidance and awareness regarding Trend Micro's entire security portfolio aimed at protecting both commercial and government cloud ecosystems.