There’s no doubt that the Internet, mobile, and cloud computing have made our lives easier and our businesses more productive, cost-effective, and competitive. But make no mistake: the Internet is also a breeding ground for thieves and predators, not to mention an enormous distraction and liability if not used properly. Moreover, it is causing people to be casual, careless and flat-out stupid about their privacy. In an increasingly litigious society where heavy fines and severe reputational damage can occur with one slip up, you cannot be casual or careless about introducing it to your organization. You can’t turn on the TV or read a newspaper without learning about the latest online data breach. And mobile devices are easily misplaced and stolen.

Because of all of this, if you allow employees to use mobile devices – particularly personal mobile devices – to access, store, and use company data, you must have these seven security measures in place.

  1. Implement a mobile device policy. Your employees must use their devices to access company e-mail and data. If that employee leaves, are you allowed to erase company data from their phone? If their phone is lost or stolen, are you permitted to remotely wipe the device – which would delete all of that employee’s photos, videos, texts, etc. – to ensure YOUR information or your clients’ information isn’t compromised? Further, suppose the data in your organization is highly sensitive, such as patient records, credit card information, financial information and the like. In that case, you may not be legally permitted to allow employees to access it on devices that are not secured, but that doesn’t mean an employee might not innocently “take work home.” If it’s a company-owned device, you need to detail what an employee can and cannot do with that device, including “rooting” or “jailbreaking” the device to circumvent the security mechanisms you put in place.
  2. Require STRONG passwords and passcodes to lock mobile devices. Passwords should be at least eight characters and contain lowercase and uppercase letters, symbols and at least one number. On a cell phone, requiring a passcode to be entered will go a long way in preventing a stolen device from being compromised.
  3. Require all mobile devices to be encrypted. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that unlocks (decrypts) the data.
  4. Implement remote wipe software for lost or stolen devices. If you find a laptop taken or a cell phone lost, “kill” or wipe software will allow you to disable the device and remotely erase any sensitive data.
  5. Backup remote devices. If you implement Step 4, you’ll need to have a backup of everything you’re erasing. To that end, make sure you are backing up all MOBILE devices, including laptops, so you can quickly restore the data.
  6. Don’t allow employees to download unauthorized software or files. One of the fastest ways cybercriminals access networks is by duping unsuspecting users to willfully download malicious software by embedding it within downloadable files, games or other “innocent”-looking apps.
  7. Keep your security software up-to-date. Thousands of new threats are created daily, so you must be updating your mobile device’s security settings frequently. As an employer, it’s best to remotely monitor and manage your employees’ devices to ensure they are updated, backed up, and secured as an employer.

Want Help In Implementing These 7 Essentials?

If you are concerned about employees and the dangers inherent in mobile and cloud computing, then call us about how we can implement a mobile and cloud security and monitoring system for your business.

Our process involves documenting all the mobile devices accessing your network, documenting what cloud applications your organization uses AND determining an appropriate backup for the data stored on third-party platforms. We’ll also help you implement a mobile device policy, educate your employees on how to “stay safe” online and put critical security and backup services in place, so you don’t have to worry about data loss or unauthorized access to your company’s network.

To request a FREE, no-obligation Mobile and Cloud Security Assessment, call us at 770-486-2070 or go online to