written by
Zack Calloway

Nearly a Skeleton Key: Why Securing Your Phone Is Fundamental

Mobile Security Multi-Factor Authentication Password Managers 1 min read
Don’t forget your phone when you think about cyber security

Cybersecurity is such a huge focus these days, both here at Blue Ridge Technology and in the broader business world. But given how connected our lives are these days, it’s easy to have blind spots in the way we think about staying safe.

For many people, their smartphone is one of these blind spots. It’s a super powerful device, but it can do a ton of damage in the right situations.

Your Smartphone Is the Skeleton Key to Your Digital Life

So why do we say your smartphone can do so much damage? Because your phone is almost like a skeleton key to, well, everything in your digital life. If you use your phone like most people do, it has access to most of your most secure, most personal information. It also has direct access to certain work information — maybe even protected or sensitive data, depending on how you configure access.

In your personal life, someone gaining access to your phone could do damage. They might gain access to bank accounts, contacts, personal photos, and much more.

But if you’re using your phone for work, the stakes could be even higher.

Use Your Phone for Work? Securing It Is Even More Crucial

If you regularly use your phone for web-based or app-based work (like email, collaboration, or even file access), then it’s not just the skeleton key to your personal life. It’s the skeleton key to whatever data and systems you have access to.

And the same thing is true for every one of your employees.

Do Cyber Attackers Target Smartphones?

Some of you may be wondering: most malware and other virus-y types of attacks target PCs, not smartphones. So is the threat really that serious?

It’s true that malware isn’t as major of an issue on smartphones — even though it is markedly on the rise, especially on Android devices (sorry, but it’s true!).

But malware isn’t the only tool in the cyberattack toolkit. Often a simple phishing attack (such as one that steals credentials using a fake login page) is far easier to execute, anyway. And those work just as well — maybe even better — via mobile, where they can even show up via text message.

Lost and Stolen Phones Are a Threat, Too

Another potential threat is what happens if the wrong person gets physical access to your or an employee’s phone. If the phone is unlocked (or has weak security, like an easily guessed passcode like “1111”), then someone who knows what they’re looking for could potentially get deep into your company’s data and systems.

What You Can Do

Thankfully there are some simple steps you can take to improve security on mobile devices throughout your company. Here are some quick tips:

  • Set up more stringent unlocking protocols. iPhone users, use Face ID. If your phone offers a secure biometric unlock (like a fingerprint), use it. This way, the typical attacker cannot gain access to the device without kidnapping you or something similar (and trust us— this happens far less frequently than the movies suggest!).
  • Install only trusted apps. For Android users, this means using the Google Play Store and not other random locations.
  • Use multifactor authentication on any app that offers it and that contains any sensitive data at all. This includes your banking apps and any work-related app that can access sensitive data.

Last, make sure you keep your mobile OS up to date. Yes, those updates are annoying. But what they’re really doing is patching all sorts of bugs and security vulnerabilities so the bad guys can’t exploit them.

Need more guidance on mobile security? We can help. Reach out to our team today!

smart phone tablets encryption