// Seron Security

BYOD Security: Protect Your Company and Employees in 11 Steps

BYOD Security: Protect Your Company and Employees in 11 Steps

1. Install at least one good security product to protect every device

An antivirus product is still a very good choice to protect any system, be it yours or your employees’. Don’t forget to check not only other users’ reviews, but independent websites and expert opinions. You can use the guide provided in lesson 4 to choose the best solution for you and your budget.

Do you or your employees use a personal smartphone for work? Don’t forget to protect those devices as well. Set reliable passwords, use antivirus for smartphones (if possible), avoid connecting to public Wi-Fi hotspots and sending sensitive information via email or, worse, social media channels. If you want to go a step further, encryption is also a good idea.

2. Protect your system against advanced cyber criminal weapons

Do you use your personal laptop at work? Then, you need the best security defenses against cyber criminals.
Don’t forget that you have confidential data on your system, which is very important for your company. It’s also important for attackers.
To ensure strong protection of the systems involved in your business, make sure to use a software that includes:

  • a real-time Internet traffic scanner that looks for malicious activity
  • a malware removal to detect and remove any threat
  • an online scanning engine that checks traffic and analyses the sites you access.

3. Keep your software up-to-date

This point applies to every device that you may carry with you at work, mobile or otherwise.
For a computer, simply use a free tool that automatically updates all your vulnerable applications and installs the latest security patches.
For a smartphone device, don’t forget to enable the automatic updates for all your apps.

4. Check your programs and applications

Do you know the programs you have installed on your system?
Are you sure they don’t access your private data and share it online? 

Again, remember it’s not just personal information you have there, but highly sensitive data pertaining to your business that is often targeted by cyber criminals.

To make sure that your system is safe, regularly run system scans with security software programs mentioned at steps 1 and 2.

For your smartphone, use an app that performs reputation scanning to check what you share with others without knowing.

5. Don’t trust yourself, ask the experts

Cyber security experts were asked what employees can do to protect their devices in BYOD workplaces. Many of them questioned the employees’ attitude and their critical judgement ability towards information security.

You may not be able to employ such a specialist or even someone that can manage these devices, repair them, keep them in good shape and maybe even secure them, so it’s your responsibility to find the resources you need to ensure that every device is safe to use and doesn’t leak confidential business data to cyber criminal servers.

It’s a good idea to keep up to date with cyber security issues, read articles and interview with specialists who usually share their knowledge and offer actionable tips. Just as you’re doing right now! 🙂

You’d be amazed to see how impactful it can be to apply basic security measures to every device involved in your business. Once set up, this BYOD policy will be easy to maintain and improve upon.

6. Encrypt your files and your online traffic communication

Your laptop and your employees’ computers now contain sensitive information, maybe financial details and business secrets. Usually, this confidential information is targeted by cyber criminals, so they look to extract it to defraud you or sell it to interested parties.

For this reason, encryption methods are essential in our quest for security.

How do I encrypt my entire HD?

The easiest way to do this on Windows operating system is to use BitLocker encryption tool, which is already integrated into your operating system. For other operating systems, don’t forget to turn to lesson 8 for details and recommendations.

How do I encrypt my files?

Do you just need to encrypt some important documents and maybe send them over the Internet? Then use 7Zip lightweight solution that can archive and password-protect your files, by using one of the best compression formats. Other options are also provided in lesson 8.

How do I encrypt my online traffic?

The easiest way to secure your Internet communication is to use a VPN, that is a Virtual Private Network, that can encrypt your Internet channel and keep your data safe from any intercepting attempts. The VPN solution is usually the best way for a remote worker to access the company’s internal database.

7. Keep your devices free of spyware

Spyware tools monitor your Internet traffic and your computer activity to retrieve private data from your system.

In case of an infection, your system is affected by multiple issues, like system slow-down, browser pop-ups, new toolbars and error messages.

And the problem becomes bigger when you have such malicious tools that target private data, like corporate data. To avoid problems, follow these general guidelines and ask your employees to follow them as well:

  • don’t open mails from unknown people and don’t reply;
  • the same is valid for direct messages in social media;
  • don’t publish too much personal information on social media accounts;
  • don’t download free software from sketchy websites.

8. Don’t become a victim of online scams

You may have installed the best tools in the world and are now protected from all sorts of online threats and cyber-criminal activities.
But defence tools are useless without proper security education and information. Hopefully, you’ve already read lesson 19 and found out what the most common online scams are, so you can protect yourself and your employees from them.

These types of threats usually come by social media platforms, even on LinkedIn, and by e-mail. They start with a catchy phrase line and they always target your money or your business data.

Knowing how these scams are delivered and how they unfold is key in being able to identify them and keep them from unleashing their malicious consequences.

9. Secure your online activities

How can you tell a legitimate website apart from one controlled by cyber criminals? How can you tell who to trust?

When using a device that contains private data that may affect a large number of people, you need to pay attention to your online actions.

Here are 5 shortcuts that can help you verify a piece of information, a company or any other source or service that you want to use for yourself or for your company:

  1. How did you get on that website? Is it really that safe? Check what other people say on Trustpilot to verify their legitimacy.
  2. Is it a legitimate and protected website? Do you see the encryption lock icon? Does the address start with https://? If you see that, it means that you are on a website where communication is encrypted.
  3. Are you using the latest browser version? Do you have the last security updates? Did you improve your browser settings as shown in lesson 9?
  4. Did you install a VPN solution on the laptop to protect your online traffic? Make this a habit.
  5. Do you always pay attention to the links you click and content your download? Make this a habit as well.

10. Backup your personal and business related information

Having a regular backup schedule is vital for a BYOD environment. It’s not a choice anymore.

The devices used in your company may contain valuable business information, which you don’t want to lose.

What if your system is held captive by ransomware threats that are designed to block your system and encrypt your data until a ransom is paid?

And the problem is that you cannot be sure they will provide the decryption key, even if you pay the required ransom.

And what if your system hard disk crashes after a while?

Not to mention the aggressive malware types that not only steal your information, but erase it afterwards as well.

Doing regular backups can ensure that your information is protected and that you can always rely on these backups to restore your data if something happens.

11. Protect your business and personal credentials

Our credentials are important, since they provide access not only to our personal accounts, but to the company’s database and online resources.

How do you keep them safe? How do you improve them?

Increase your system security by following these 5 essential rules:

  1. Make sure you have set a strong password to every personal and company account.
  2. Do not use the same passwords for private and business accounts. Even more, follow this simple rule: one account, one unique password.
  3. Too many accounts, too many passwords? Ok, let’s simplify this: use a good password manager, like Dashlane or LastPass, where you set a strong password to access the manager. Your online passwords are there and even if you change your system and browser, you can install a password manager on the new system and use your credentials.
  4. Don’t let the browser remember the credentials for you. Just don’t. The passwords are stored in plain text, they are never encrypted and could easily be retrieved by cyber criminals.
  5. Improve your access with double authentication. (Also, you can find more details in lesson 3.

Keep in mind that security is mandatory for any device used for both personal and business purposes, especially if they overlap. And this is not only limited to you, but should extend to your employees as well.

The most important thing to keep in mind is to encourage them to educate themselves on cyber security matters as well. Not only will this help protect your business, but it will also help them be safe online and avoid dangers.

Giving cyber security the importance it deserves can help you ensure business continuity, gain and maintain clients’ trust and keep employees safe as well.
Courtesy of Heimdal Security