Do your employees use tablets for work? The devices may help make employees more efficient and productive, but if you're not careful, these computers may also put your business data and network at risk. Just like laptops and computers, tablets face security threats from malware and hacker attacks. Here are five tablet security risks your employees face — and how to prepare for them.
1. Mobile malware
From malicious apps to phishing, tablet users are at risk for all types of mobile malware that can wreak havoc and allow unauthorized users into the device and network systems. Such malware includes root kits that give hackers access to settings and controls, tracking programs that monitor activities, and apps that steal data, such as by capturing usernames and stealing passwords. Without proper protection, employees' tablets — and your business data — become a free-for-all for cybercriminals.
What to do: Although iPads aren't 100 percent safe from mobile malware, Android tablets are particularly at risk. Google Play isn't as strict as the Apple App Store about third-party apps, opening the gates to a flood of potential security threats. A study by Internet security company Webroot revealed that more than 40 percent of Android apps are malicious, suspicious or unwanted. Here's how to fight them:
- Be wary of free or fake-looking apps, and educate employees on how to tell when a free app looks suspicious.
- Tell workers to do their research before downloading any app, for instance, by reading app reviews on Google Play and by Googling the app and developer.
- Restrict app downloads altogether to prevent employees from freely downloading apps you don't have visibility over.
- Install a mobile security app that automatically scans, detects and removes malware. [Here are the top five antivirus apps for Android]
2. Data loss
When a security breach occurs, it almost always results in data loss. This could mean hackers doing anything from stealing data in the background to locking you out of your device or network systems. If you don't have access to the device, you'll need another way to quickly and immediately recover your data.
What to do: The simplest way to prevent data loss is to back up data frequently and automatically. One way to do so is by using a third-party cloud storage solution, such as Dropbox, Box, Google Drive or OneDrive. Make sure to use a business account and not a personal account to better suit your storage and employee needs. If your workers use iPads, make sure to also enable iCloud. For instructions, here's how to automatically back up data on iCloud. These are the top five cloud storage apps for Android, and here are three ways to backup Windows tablets.
[For a side-by-side comparison of the best online data backup services, visit our sister site Top Ten Reviews.]
3. BYOD risks
Having a bring-your-own-device (BYOD) program can be very beneficial to a business. Employees can use their preferred devices on the job, which increases both job satisfaction and productivity. But it also comes with many risks, primarily from employees being lax about device security and combining work and play in a single device.
What to do: Make sure to implement and enforce an effective BYOD policy. This includes setting clear standards about what employees can and can't do with their devices, where to draw the line between work and personal use, and what employees can expect in terms of their privacy and how the company can access and monitor employee devices for security purposes.
Another way to fight BYOD risks is by keeping all business data completely separate from the rest of the device. A good example is Samsung's KNOX Security Suite, which comes on all Android tablets. KNOX allows users to create private work profiles, which lets them run business apps and files in a secure shell that only the user can access.
4. Unsecured networks
From cafes to airports, hotels and other areas, plugging tablets into public Wi-Fi hotspots may be convenient for on-the-go employees, but it's also one of the easiest ways to give cybercriminals access to sensitive data. Wi-Fi sidejacking — the use of Internet tracking technologies to capture in-transit data, such as email and other login information, via wireless networks — has become such a security risk that USA.gov has issued warnings against using public Wi-Fi connections.
What to do: Free Wi-Fi isn't safe Wi-Fi. Even paid Wi-Fi connections aren't completely secure. Asking employees to never connect to public Wi-Fi networks likely won't go over well, so here's how to keep them safe:
- The best way to protect employee tablets is by installing a virtual private network (VPN), which connects users to your company's secure, private network. Although the VPN uses the public Wi-Fi connection, all traffic and data are sent and received via the private connection.
- Use a carrier-based, paid Wi-Fi hotspot, which lets employees connect to 4G/LTE and 3G broadband services. These include Verizon's Jetpack, AT&T's GoPhone Mobile Hotspot and T-Mobile's 4G Mobile HotSpot. Sprint also offers several options, such as the MiFi 500 LTE, NETGEAR Zing Mobile Hotspot and Merlin 3G/4G 2-in-1 Card, each of which comes with its own service agreement and contract plan.
- Instruct employees to ensure that the websites they visit and where they enter private information use Secure Socket Layer (SSL), which encrypts data being sent and received. Websites that use SSL start with "https."
5. Theft and loss
It goes without saying that employees should never leave their tablets unattended, but theft does happen. Workers also lose mobile devices all the time. Because there's no fool-proof way to completely prevent theft and loss, businesses should have a contingency plan.
What to do: Although the chances of getting a stolen tablet back are slim, what businesses can do is protect the data within the device:
- Use a lock screen that requires a PIN, password or, even better, biometrics. For Windows tablets, enable the picture password setting, a security feature that uses a combination of a picture and a drawn gesture to unlock Windows 8 and Windows RT. The same can be done on Android devices using the third-party app Picture Password Lockscreen. For even better security, use biometrics apps like ICE Unlock, which captures your fingerprint with the camera, and ERGO, which scans your ear to unlock the device.
- Locate and wipe the tablet as soon as possible. Apps like Find My iPhone, which also works on iPads, can help you both locate and remotely wipe the device. For Android, check out AndroidLost, which can also wipe SD cards. Windows tablets, however, don't require third-party apps; devices connected to the Microsoft Exchange server can be wiped remotely from the Exchange Administration Center (EAC) or the Exchange Management Shell.
Originally published on Business News Daily.