According to research carried out by Gartner, smartphones may be endangering company security as their popularity continues to grow.
More and more employees are using smartphones instead of laptops to access company email and connect to company networks when they are out of the office.
Sales of mobile devices in the second quarter of this year grew 16.5% year-on-year, whilst for smartphones the figure was 74%, accounting for 25% of overall sales. This has risen 17% since the previous quarter in business sales.
Wick Hill Group plc have warned that this raises key issues pertaining to security which companies have given little or no thought to.
It is thought the biggest threat is that these devices are more often lost or stolen than many of the larger devices, such as laptops and netbooks.
Research by getsafeonline shows that 1 in 5 smartphone owners can expect to, or have, lost their device at some point. It is also thought that people consistently lose their phones in London taxis and there is “a fairly consistent 10,000 per month” devices left in the vehicles.
It is also believed that phones connected to a VPN could be at risk of becoming infected with malware or being hacked.
Philippe Winthrop, an analyst at consultancy Strategy Analytics , commented: “If I take your device and muck around with it, what if the VPN is set up on it? It’s a huge risk not being dealt with enough today.”
Getsafeonline’s Tony Neate says: “Users must remember that they are essentially carrying around a tiny laptop with a wealth of personal information that is very attractive to fraudsters.”
Smartphone security has become high profile recently as the infection rate in Android devices has risen dramatically. Many don’t realise that there is a need for security software to be installed on the devices, leaving them open to different kinds of attack.
Security experts have warned that smartphones now represent the easiest way for criminals to steal personal information and use information fraudulently.
Bearing this in mind, it is more important than ever for companies to have security policies and implement protective measures across the business.
This is especially true when companies allow employees to use their devices for both business and personal use.
The mixture of voice and data also means that firms have failed to take into account the additional security issues that this could raise, especially when it comes to secure connections.
According to the report, there are a number of steps that businesses can take to better protect devices used by employees.
These include setting up a PIN in order to secure the phone and not relying on default settings.
There should also be a facility which allows the data on the device to be wiped if a criminal should attempt to enter the pin more than three times.
A central management system should be set up in order to prevent a phone being used in the event that it is lost or stolen.
Another recommended step is to install GPS tracking and a “SIM watch” which sends any new number back to the company if a new SIM is placed into the handset.
As with personal phones, it is also a good idea to make a note of the IMEI numbers of company phones. If a device is lost or stolen, the number is placed on a database and blocked, meaning that it can no longer be used.
Further useful advice is to simply treat the devices as you would a PC and train employees to take care when opening mail or clicking on links.
As with computers on a network, companies should install antivirus solutions and ensure that these are properly licensed and kept up to date.