5 ways to secure your employees’ mobile devices

Increase the lifespan of your employees’ digital devices by physically protecting them, which is particularly important for cellphones, which are more likely to be dropped due to their small size and frequent use.

In particular, you should equip your phones with protective cases, which reduce the chance of breakage if they are dropped. For even more protection, opt for a screen protector, a thin layer of glass that can be applied over the screen of the device. In case of an accident, it’s often this glass, and not the phone, that is likely to break.

Fortunately, encryption is now handled by default with the addition of a pin number or password, which is the case for all recent iOS and Android devices. However, this was not the case several years ago. If your employees are still using older models (before Android 10 and iOS 8), be sure to manually activate encryption in the settings (the procedure varies depending on the operating system and model). In the case of some Android phones, encryption must be activated manually. From the moment an employee uses their device’s SD card to store company documents or data, consider verifying first whether encryption needs to be activated.

Require the use of locking codes that are hard to guess (1-2-3-4 and similar easy codes should be avoided) and encourage employees to use their phones’ biometric locking features, such as digital fingerprint readers or face recognition. These technologies are safe and reduce the risk of a malicious person overseeing their locking code when it is entered.

For more complete protection, also ensure that backup copies of your phones are encrypted, which is not the default for iPhones backed up to a computer using iTunes. Copies in the cloud are encrypted for both iPhones and Android phones.

Apple’s Find My Phone and Google’s Find My Device allow you to locate different devices on a map, such as your phone, tablet, or wireless headphones.

Both tools also offer additional protections when enabled in smartphones. Such phones can be made to ring in order to locate them, or they can be remotely locked, made to display a message (to ask whether someone can call you at a certain number, for example), or erased in order to avoid having your confidential information wind up in the wrong hands.

However, these functionalities need to be previously activated to be usable. Such is generally the case by default upon first use of the phone, unless permission was refused by the user.

Unfortunately, you need access to your employee’s Google or Apple account to track their phone, which isn’t always possible. Instead, to track a phone and be able to erase it remotely, use an MDM (see below).

Many best practices for securing devices require effort and collaboration on the part of employees. However, it’s also possible to take control of the situation by getting a Mobile Device Manager or MDM.

These tools, such as the Gesticom manager, offered by Videotron Business, facilitate the deployment and configuration of new phones, whether iPhone or Android devices. You no longer need to configure each device by hand to ensure it’s secure and to enter the identifiers to connect to your company network and install your applications. All these steps can be performed automatically with an MDM.

An MDM enables you, for example, to receive instant alerts and reports on the use of the phone. It allows you to track data consumption, roaming data, and the battery level on your employees’ phones. If necessary, an MDM can also enable the installation of applications remotely after its initial installation, or it can block applications (social networks, etc.).

For companies that want to use employees’ personal phones, an EMM (Enterprise Mobility Management) can be used to secure a portion of the personal device, where the company’s applications and documents will be stored, in addition to other options.

It’s also possible to extend the same level of control provided by MDMs and EMMs to other devices, such as computers, wearables, IoT sensors, and even vehicles, thanks to a UEM (Unified Endpoint Management).

This software offers many advantages when it comes to security. For example, it’s possible to use it to ensure a secure lock code is used for your employees’ mobile devices, and also to track phones without using third-party tools such as iCloud.

As opposed to Apple and Google services that require employee participation, you can remotely control the phone yourself, whether to uninstall your private applications, for example, or to update applications, operating systems, or security fixes, and even to reset a phone to its factory settings. Your data are at risk when a device is lost or an employee quits on bad terms. Being able to protect them yourself, without any third parties, is a basic requirement.