Mobile working is progressing steadily and is becoming more and more prevalent. Work-life integration ensures that many jobs are done remotely. This means that people have long since stopped working exclusively on site at the company. Work is done within the employee’s own four walls. However, mobile security is often neglected.
Mobile security weak point
Whether in the office or in the home office, the technical and organizational equipment leaves little to be desired. The laptop is easy to transport. The dual monitor is connected with just one plug. The printer receives its signal via Bluetooth anyway. Everything works everywhere without any major problems. The gap often lies in security. This is not due to the users. Although employees also have to take care of the security of their private data at home, an anti-virus program and a good password are usually sufficient. Company files, on the other hand, should be better protected. However, this is still neglected by many employers. Small and medium-sized enterprises (SMEs) in particular are reluctant to invest in the security of their data, as has been statistically proven. In addition, private devices are often used for business purposes and vice versa. This quickly becomes apparent, especially due to the flexible way of working. After all, if you need to check your business emails in front of the TV in the evening, you can quickly do this on your private laptop, which is already available. This results in numerous security risks and open doors for malware.
How can you work safely on the move?
The first step towards secure mobile working is multi-factor authentication (MFA) via an authenticator such as the one from REINER SCT. This makes it virtually impossible to gain unauthorized access to company accounts. However, this should not be the only step. Regulations should be defined within the company for mobile working. This also includes the security policy. Every employee must be aware of how and where data is backed up. This can include, for example, only storing data in password-protected clouds and not leaving anything on the laptop’s hard drive. Communication channels should also be regulated. What channels are used to communicate with each other when employees are in different locations?
Who is allowed to do what?
The home office cannot be equipped with access control. There should therefore also be a regulation for haptic documents. After all, company documents should not simply be left on the employee’s living room table. This also applies to the disposal of information. In general, no business documents should simply be disposed of in the household waste. The company itself is responsible for this and should also have a clear policy for this. In addition, access protection for certain areas makes sense. Not every employee needs to be able to access all files. The more organized the access options are, the lower the security risks. And what happens if a device is lost? If an employee loses their business cell phone on the road, can they simply use their private cell phone? And do they have to report the loss to someone in particular? How long does it take for all passwords and accesses to be changed? And how long until all employees receive the new passwords? This process should be clearly regulated and, in the best case, constantly optimized. In principle, the IT department is responsible for setting up a secure, mobile way of working. The form in which the protective measures are implemented also depends on which programs are used. Incidentally, one of the most important tips for mobile security is: never click on a link in an email whose origin you do not know one hundred percent. Phishing is one of the most common forms of cybercrime and continues to be a successful method of installing malware on other people’s devices.
Conclusion
Mobile security at work is still very much neglected. Yet it is particularly important in times of working from home and flexible working models that all data and devices are protected. The measures range from minor details to full-blown security factors. Implementation is the responsibility of an IT department. Compliance with the regulations, on the other hand, is the responsibility of the employees. Openness and explanation are important elements in the implementation of protective measures to ensure that everything runs smoothly.