A mobile device management (MDM) policy helps establish rules for using and securing mobile devices within your business environment. If you leave this to chance, you open yourself up to a variety of cybercriminal behaviors.
According to Verizon’s Mobile Security Index 2021, 40 percent of respondents stated mobile devices are their biggest IT security threat. Fifty-three percent said the consequences they suffered from a mobile device-related security compromise were significant.
When you face a major threat, it isn’t just the instant downtime that hurts. It can damage your reputation, create regulatory penalties, and cause loss of business too.
Right now, mobile device usage is changing rapidly. In the last year alone, desktop internet usage dropped from 54.86 percent to 48.88 percent, while mobile use increased from 37.38 percent to 47.59 percent.
You’ve seen the changes in your own office environment. No matter what services your practice offers, chances are you’re using remote technology now more than ever. Mobile devices are some of the most vulnerable and least regulated items you use on a daily basis. Without a mobile device management policy in place, your data is increasingly at risk. MDM policies are designed to keep all your devices safe, including laptops and notebooks, tablets, smartphones, portable medical devices, and more.
Effective MDM policies must apply to everyone with access to data, including employees, contractors, part-time and full-time workers, and any other personnel who access data on a mobile device. If you aren’t completely sure who this covers, this is your best place to start. Be sure to include all devices:
- Bring your own devices
- Company owned - business only devices
- Company owned - personally enabled devices
What should be in an effective mobile device management policy?
Password requirements - this should include things like requiring lock screen passcodes, and implementing two-factor authentication on the most vulnerable platforms.
Using anti-virus software - make sure all mobile devices use anti-virus software and updates are run regularly.
Patch programs - the only way to keep devices and platforms secure is to ensure you’re utilizing the latest technology. Effective patch management ensures you’re keeping your devices and systems as secure as possible.
Building an approved app strategy - downloading new apps is as easy as pushing a button. This can allow criminals easy access to your data. Create a company-approved app list, with ways to block or disable anything that isn’t on the list.
Avoid public WiFi and USB ports - it’s easy to find people huddled around charging stations, energizing their devices, and accessing private data. Without a proper policy for working in these conditions, hackers have free rein to load malware and other security risks.
Backup policies - we all know backups should be a regular part of the process, but it’s easy to push it aside without a policy around it. Establish backup schedules, automating if possible.
Loss policies - what do you do in the event of a loss? Whether there’s a breach in the data you’re working with, or an employee loses their device, clear guidelines should exist for what steps to take for recovery. Employees should never be afraid of consequences, but should have an immediate protocol list to follow to ensure minimal impact.
Training - one of the easiest ways to stay safe is consistent reminders. It may seem repetitive and overkill, but even just simple reminders can trigger action.
And it might be just enough to thwart criminal behavior.
For IT Strategy, Cloud Conversion, or Help Desk Services reach out to us at Silver Linings Technology 360-450-4759.
