A Few Mobile Device Security Best Practices for 2022

Scott M. Warner - President, Connecting Point

According to the U.S. Department of Labor, over 60% of the US working population is now working in a hybrid or fully-remote capacity.  While the pandemic initiated workplace flexibility, it seems that the Work From Home (WFH) dynamic is here to stay…which has created some interesting IT security challenges. Personal mobile devices are being used in greater capacities to access data and applications – this creates an often-overlooked security risk. To improve awareness and security, here are 5 mobile device security best practices that should be considered.

1. Enable User Authentication – Mobile devices can set screen-lock and require a password/PIN.  Make sure devices require passwords, PINs or biometrics to access the device.
2. Update the Operating Systems Regularly – If you run outdated software on your mobile devices, your risk of compromise increases exponentially. Google, Apple and Microsoft constantly provide security updates to stay ahead of vulnerabilities.  Don’t ignore prompts to update your mobile OS – we recommend turning on automatic updates.
3. Avoid Public Wi-Fi – Although most places we go have free/open wireless access as a courtesy, any time you connect to another organization’s network, you increase the risk of exposure. If you are on public Wi-Fi, never access personal or sensitive information. Instead, use your secure mobile hotspot and ensure it requires a complex password and don’t allow others to join.
4. Use a password manager – Passwords are frustrating to create and remember…therefore it’s easy to use the same one across multiple sites and logins.  Rather than reusing passwords, utilize a password management application allowing you to store passwords for all sites in a secure location. These apps also help generate complex passwords and keep you accountable for creating and remembering unique passwords. We also recommend that you pair password managers with multi-factor authentication to further protect yourself if a username or password is compromised.
5. Be careful and cautious about what apps you install – While it seems like there is a mobile app for everything, all apps are not created equally, and many apps and games lack critical security protocols. These apps can collect and share personal information, track your location and bombard you with targeted advertising.  Also, single sign-on gateways for Google and Facebook can allow tech giants to share critical information across multiple apps and sites. 

On top of these best practices, it’s also helpful for a business to utilize mobile device and application management tool(s).  These tools can help protect and secure the users, applications and data across your mobile devices. Certain industries might also require an MDM/MAM tool alongside a stated corporate policy for mobile devices or BYOD.

If you need help reviewing your mobile device strategy or enhancing your security posture as a business, Connecting Point can help.