Workplace Mobile: 6 Key Training Points When Teaching About Mobile Security
In today’s mobile age, mobile security training is more important than ever. Companies training their managers and employees in proper mobile practice should include key points, such as:
1. BYOD Comes With Extra Responsibility: Workplaces are frequently adopting BYOD, or Bring Your Own Device strategies that let employees bring in their own smartphones and tablets, using specific apps to interact with company networks. Regardless of the stance on BYOD, companies should train their managers and employees to understand the BYOD concept and the responsibility it puts in the hands of employees. When employees use their own mobile devices for business purposes, it is up to them to manage security and practice safe use of technology. Companies can create strict policies, but more responsibility is put on employees to understand their own mobile habits and how they affect company security.
2. Apps Can Be Dangerous: Managers and employees should both understand the risks behind mobile apps. Mobile devices are still relatively new, and employees are often under the impression that any apps they can buy are naturally safe to use. This is not true – there are a number of scamming apps, fake apps, and apps that simply access more sensitive data than companies prefer. There is some variance between platforms – iOS has stricture app guidelines than Android so its apps tend to be much safer – but no matter the brand, not all apps are created equal, and many can pose a security risk. This is why it is so important for companies to develop guidelines on which apps can be used for business and which cannot.
3. Wireless Networks Are Particularly Vulnerable: Wireless network security can be a vague topic for many employees, but in our age of constant mobility it is important for all employees to understand the basics. Mobile device training should include the basics of router encryption, firewalls, and the danger of sending data through WiFi radio frequencies. Public vs. private hotspots should also be discussed, and employees should be instructed to never send especially sensitive data over WiFi networks, such as passwords, credit card info, and other confidential material.
4. Network Security Separates Customers and Employees: Most businesses approach wireless security by keep business networks private, either by creating a virtual private network (VPN) or by only allowing customers to access a limited guest network for their convenience and hiding the business side of the network from appearing on public WiFi searches. Managers should clearly understand that customers and employees are operating on different wireless networks for security reasons. Business data cannot and should not be transferred to customers through wireless connections, and employees should not mistakenly use guest networks instead of the intended private networks when working on business tasks. By clearly understanding the difference between the public and private networks that the company uses, employees will be able to make wise security decisions.
5. The Little Things Are Still Important: While mobile security training can get technical at times, companies should never forget to go over the basics. Mobile devices should always have basic passcode security so that people cannot simply pick up a phone and access sensitive data through the interface. Employees should not leave their phones in public areas where they can be easily accessed or stolen. Effective wireless security does not mean employees can ignore basic desktop passwords and email security, either.