Harmful computing practices in enterprise
07th of June 2021
Smartphones and tablets started being part of many companies’ daily life more than a decade ago. However, a huge part of enterprises are not careful enough about professional data that might get transferred from a device to another. Indeed, in 2021, some users still have harmful computing habits that can be a danger for professional data security. Here is a non-exhaustive list followed by good practices that will prevent them.
Not securing smartphones with a password
According to the Kaspersky Lab report, in 2018, nearly 52% of respondents didn’t protect their smartphones with a password. This bad practice is still very common today, even when devices contain sensitive data: personal information about the user but also professional data and documents. With the development of BYOD, enterprises must be careful and require at least a password protection to restrain devices’ access. However, without a strong MDM solution, it is hard to force users to put passwords on their own devices.
Accidentally installing malicious applications
Smartphones and tablets users have access to millions of applications through their devices applications market, such as the Playstore or the Apple Store. Nonetheless, among all of these applications, an important number are dangerous and programmed to steal company’s data. As reported by The Invisible Digital Threat report from Secure-D, in the first quarter of 2020, 29 000 malwares applications were available on the Android market.
Not restraining information access
Companies are now paying more and more attention to external data stealing, coming from a competitor for example, but they usually don’t think that attacks could come from inside. And yet for instance, some past employees may still have access to professional documents or accounts on their personal smartphone. According to the Global Data Risk report from Varonis, in 2018, 21% of all folders in a company are accessible to every employee. Without a mobile device management software, companies are not able to restrain the access to professional documents on mobile devices and delete business data for ex-employees.
Not blocking connectivity points
Many people still connect their professional devices to unsecured public WiFi networks (not protected by a password) without any particular caution. Except for secured WiFi networks such as the company’s or homes ones, this behaviour can result in the installation of malwares on the devices. Still regarding the connectivity points, connecting a mobile device to a computer via a USB cable also increases the chances of data theft if one of them is infected by a virus.
How to increase the security of devices handling professional data ?
All those bad practices can easily harm a company’s security and lead to data leakages. To avoid this, setting up a mobile device management system is essential.
An MDM solution like TinyMDM enables businesses to solve the problems listed above. Indeed, this software can be used to remotely force a password on professional mobiles but also to block access to business data on personal devices with the installation of a work profile. Also, with this Android mobile device management solution it is possible to choose the applications that will be visible on smartphones, tablets or rugged devices and to block access to the public Play Store. Among other features, we can find the professional files synchronization, which might be restricted to specific devices only.
Many bad practices are still affecting professional data security, particularly in SMEs (as said in the Data Breach Investigations report from 2018, 58% of data hacking involves small and medium businesses). Nowadays, it is impossible for a company to know exactly which data is stored and/or shared on personal devices by its employees, for private policy reasons. However, an enterprise can set up secured professional dedicated devices and also restrain access to corporate information on private smartphones or tablets, by using a reliable MDM solution.