Sound the alarm and hang on tight to your phones. Recent news about US government agencies and police forces buying iPhone hacking devices has left many IT pros wondering about their mobile security. What if these devices—which have a price tag starting at roughly CAD$19,000—fall into the wrong hands or are misused by the legal authorities owning them? Could the mobile security of individuals and organizations slide down a dangerous slippery slope that even the strictest data privacy laws can't safeguard?
While the mere existence of these phone-hacking devices is worrisome, you can take proactive steps to ensure your business's mobile security, starting with the following:
1. Set stricter rules
If your company collects, uses, and shares personal information as part of its business activities, then you need clear policies ensuring adherence to Canada's data privacy laws, namely the Personal Information Protection and Electronic Documents Act, as well as anti-spam legislation. Your customers, suppliers, and employees rely on you to keep their information secure, so it's important to have rules in place to safeguard confidential data.
2. Build data security into your culture
Once you've laid down the data privacy law for your company, don't walk away just yet. Data security isn't something you can just set and forget. Make sure everyone in the company understands and follows these rules. Keep data security top of mind in your workplace—and ingrained in your workplace culture—by posting regular reminders in the company newsletter and blog. Host workshops or lunch-and-learns where you refresh your team members' knowledge of the data privacy laws in Canada and how they apply to your company.
3. Bring in the experts
With so many moving parts in your technology infrastructure and device network, it can be easy to miss the blind spots in your security strategy. For instance, did you know overlooked printers are often the weak link in many companies' security strategies, and 61 percent of recently surveyed companies experienced print-related data loss in the past year? That's why you should always seek professional expertise when you need it or don't have time to constantly assess every aspect of your company's IT environment. It can be as easy as asking your technology suppliers if they offer data security advisory services.
4. Secure your mobile devices
Everyone's doing business on the go these days. At the same time, threats to mobile security have grown exponentially in recent years. Between 2015 and 2016, the total number of mobile malware soared from just under 4 million to almost 15 million. If mobile security isn't a top priority in your company today, then it's time to put on your superhero cape and fly to the rescue.
Start by looking at cloud-based services that can manage your devices and move your apps and data to the cloud—a good way to protect confidential information in case a team member loses a device. Your strategy should also ensure secure access to mobile printing. Consider a managed print solution that gives you greater control over network access and printer output.
5. Stay vigilant
Here's the thing about data security: The landscape keeps shifting as hackers and developers push out new malware and encryption technologies. Avoid the soft trap of complacency by keeping abreast of the latest developments in data security and privacy laws. Review and audit your data and mobile security strategy regularly, and give your team constant reminders that protecting the information your company collects, uses, and shares isn't just IT's responsibility—it's everyone's responsibility.