It's Time to Change the Approach to Business Smartphones

Digitalisation trends and the post-pandemic reality of the labour market mean that for many people, the smartphone is now at least as important a work tool as the computer.

While programs related to the protection of workstations have been implemented and prioritised in companies and institutions for years, the mobile security issue is often relegated to the background. Meanwhile, the potential implications of stolen or leaked smartphone data are no less threatening than those associated with attacks on corporate computers.

Changing the Mindset

Organisations have used the policy of employee self-selection of a smartphone for years as one of the workplace benefits. And this is despite trends changing, which indicate that employees - especially in the younger age group - are now more willing to look at other benefits (e.g. flexible working hours).

The changes in trends and the evolving attitude towards business smartphones among employees provide employers with a unique opportunity to shape a new mobile security policy. Without suffering image losses, it is possible to reduce the pool of devices offered to employees, thereby increasing the level of security within the organisation. The decision on the final choice of smartphone models is then up to the IT department, which tends to emphasise completely different features of the devices - an appropriate level of security certification, a long-life cycle, or finally, the possibility of installing MDM (Mobile Device Management) software.

Mobile Threat Awareness

From the awareness-raising perspective of today's digital threats, it is essential to train employees and make them aware that smartphones are nowadays a more convenient target for hackers.

The popular perception is that the data stored on the computer requires a higher level of protection. Still, the same data (e.g. via cloud services) can often be accessed by the employee from the business smartphone. When an employee works in a hybrid model or even remotely, the use of the business smartphone for private purposes can very often occur. This increases the risk of sensitive data being accessed by an unauthorised person.

While awareness that a business smartphone may be the target of a hacker attack is quite widespread among employees of large companies, such knowledge (and protection tools) is often lacking in the SMP sector and public administration. Hence, an employer should take even the minimum protection measures and remember that even basic mobile security training can be of great value - especially for newly hired employees.

Security-Enhanced Smartphones

Those with access to sensitive data within an organisation should be aware of the possibility of using smartphones that meet rigorous security standards (offering for example, encrypted E2E communication and the ability to erase data instantly and irreversibly). This applies to people in decision-making positions in business and public administration.

Such solutions protect data and secure communications not only at the software level but also at the hardware level - thus avoiding infiltration even by sophisticated spyware such as Pegasus.

Bittium Tough Mobile 2 product family includes exatly such security-enhanced smartphones - with data secured at all times with multilayered security integrated in hardware and software.