It’s a fact of life that mobile phones are lost or stolen every day of the week. Smartphones in particular are a target for thieves due to the small size and high value of the devices. So how do you manage that risk?
Remember that the cost of a replacement device is the least of your worries – you need to ensure your company information and your customer’s information is secure, and the best way to do that is to plan ahead.
Treat your phone like a passport: record the unique identifying number. Each device has a unique IMEI (International Mobile Equipment Identity) number. Most modern handsets will display this number within the “about” menu (usually under Settings / General, or similar depending on your phone type) or you can usually find it on a sticker within the battery compartment. Some of you may even remember getting this number off old Nokia devices by entering “*#06#”! The IMEI is useful for two reasons:-
1) Your mobile operator can blacklist that IMEI number from use on any Irish mobile network. They may have it on file but it always helps to have your own record.
2) Provide the Gardaí with your IMEI on the chance that they recover stolen property and your phone is among the haul.
Put the right security policies in place from day one and talk to your mobile operator about MDM (Mobile Device Management). MDM allows you to enforce various security policies on smartphones. Typically, it’s all done over the air and when a device goes missing, you have a range of options at your disposal to deal with that.
For smaller organisations with a limited budget, basic management features are available within Exchange and services such as Google Apps for Business.
Absolute essentials for device protection
At an absolute minimum, you want to:-
• enable device encryption
• enable a password lock with a timeout of 10 minutes or less and minimum of 4 digit length
• enable an automatic wipe if the passcode has been entered incorrectly a significant number of times (no more than 10 attempts)
Budget conscious businesses with a small fleet of devices can also benefit from the consumer value-adds provided by the likes of Apple, Google and Microsoft. The big OS developers like to tie
consumers into their cloud products and in return users can access “find my phone”, remote wipe or remote lock management capabilities, with nothing more than a free account and a web browser. A note of caution: they’re not ideal for businesses managing a large fleet of devices, and you may not want your business information synchronising to such a service. Check out www.icloud.com, www.windowsphone.com and www.google.com/android/devicemanager for more information.
Personal Items – Photographs and Contacts
Make sure any photographs you take are backed up. This has become incredibly easy in the last few years, with Apps like Dropbox automatically uploading all new photos. Apple’s iCloud service offers similar functionality within the overall Apple ecosystem and Android manufacturers like Samsung and HTC will have their own device backup services.
The easiest way to keep your contacts safe is to link them to an email account. If your personal email account supports ActiveSync (such as Gmail), take the time to transfer the contents of your phonebook to the address-book of your email service. When you add your email account to a smartphone, select the ActiveSync (or MS Exchange) option. This will allow your smartphone to not only synchronise email, but also your calendar and contacts – extremely useful! Any new contacts will be automatically added to your online email address-book. If your personal email service doesn’t support ActiveSync, you could always open a new account with Gmail and use that as your address-book backup; select to only sync contacts with that account and away you go.
The main thing to remember about device security is to act before your device goes missing. Ensure policies are in place to protect your information and that the information itself is securely synchronised with your business email and PIM system, or backed up on a regular basis. Replacing the device is a relatively minor annoyance; first and foremost you have a duty of care to your customers and their information.