Keeping Devices Cyber Secure in the Workplace

Written By Madeline L

It’s no surprise people want/need to be within reaching distance of their personal and work devices during the working day. Many would find it unreasonable not to be, which, when balancing productivity needs can make devices in the workplace a tricky subject.

Beyond, the risk of detracting attention, devices also pose a security risk that can compromise the most robust of strongholds. Falling for phishing links, improper use of the company’s wifi and other understandable human errors can cause serious security breaches.

Here are some essential strategies and practices to enhance device security as a whole, and safeguard sensitive information. For work devices you can make these into hard and fast rules to protect both the team and the business, but hopefully they will be carried over to personal device use too!

1. Implement Strong Authentication Measures

Screen Locks and Passwords

Using a robust screen lock mechanism is the first line of defense. Require passwords, PINs, or pattern locks to access devices and consider implementing policies that enforce the use of complex passwords.

Biometric Authentication

Leverage biometric authentication methods such as fingerprints, facial recognition, iris scans, and voice recognition. These methods provide an additional layer of security and are generally more difficult to bypass than traditional passwords.

Multi-Factor Authentication (MFA)

Implement multi-factor authentication, which combines two or more forms of verification. This significantly reduces the risk of unauthorized access even if one authentication method is compromised.

2. Regularly Patch & Update Software

Operating System and Application Updates

Ensure that all devices are running the latest versions of their operating systems and applications. Security patches and updates are often released to address vulnerabilities that could be exploited by attackers.

Automated Updates

Make it easy by enabling automated updates where possible to minimize the risk of delays in applying critical patches.

3. Enforce Device Encryption

Full Device Encryption

Encrypting the entire device ensures that data remains protected even if the device is lost or stolen. Full device encryption converts data into unreadable code that can only be deciphered with the correct decryption key. Don’t worry, many devices already do this but definitely Google the devices model to learn how if not. It’s not as technical as it sounds.

File-Specific Encryption

For additional security, consider encrypting specific files or folders that contain sensitive information. This ensures that critical data remains protected even if other parts of the device are compromised.

4. Secure Data Transmission

Virtual Private Networks (VPNs)

Encourage the use of VPNs, especially when accessing corporate networks remotely. VPNs create a secure, encrypted tunnel for data transmission, protecting it from interception.

Secure Communications Tools

Use secure communication tools that offer end-to-end encryption for messaging and calls. This ensures that only the intended recipients can access the content of the communications. This usually means avoiding the default and downloading an app such as Signal or the more commonly used WhatsApp.

Have an Alternative Wifi Option for Personal Devices

Utilise a wifi network, separate from the corporate wifi, e.g. ‘guest’, for people to use when using their personal device. This will protect the corporate network from intrusion. Also strongly discourage your team from discussing work matters or sharing work files via their personal devices.

5. Implement Mobile Device Management (MDM)

Device Control and Monitoring

For work devices, deploy MDM solutions to manage and monitor them remotely. MDM allows IT administrators to enforce security policies, monitor device usage, and remotely wipe data if a device is lost or stolen.

Application Management

Use MDM to control which applications can be installed on devices. Whitelisting approved applications and blocking unapproved ones helps prevent the installation of malicious software.

Turn on “Find My Device”

"Find My Device" is a crucial security feature available on most modern mobile devices. It allows users to locate their lost or stolen devices remotely, typically through a web interface or another device. In addition to locating the device, many "Find My Device" services offer a remote wipe feature, which is an excellent last minute resort. This enables users or IT administrators to delete all data from a device remotely and is particularly valuable in scenarios where a device containing sensitive information is lost or stolen, as it prevents unauthorised access to personal or corporate data. However, it's important to note that remote wiping permanently erases all information on the device. Regular backups are therefore essential to ensure that important data can be recovered after a remote wipe is performed.

6. Educate Employees on Security Best Practices

Regular Training Sessions

Conduct regular training sessions to educate employees about the importance of device security and the best practices they should follow. Topics can include recognizing phishing attempts, securing personal devices, and safe browsing habits.

Security Policies

Develop and distribute clear security policies that outline the expected behavior and responsibilities of employees regarding device usage. Ensure that employees understand and comply with these policies.

I hope that makes everything a little clearer. Soon I will be launching downloadable templates, including a BYOD policy template you can get your team to scan and sign so they have clarity on what they can and can’t do and solutions to any issues they might think of.

Regardless of the above, always be prepared with regular backups and a tight disaster recovery plan.

Madeline L
Previous

Cybersecurity for Influencers: Allowing your Brand to Thrive Securely
Next

How to Backup Business Data