Mortgage Software Solutions Blog

ABT's Recommended Physical Device Security

ABT-recommended_physical_device_security.jpg

More than ever, people in the mortgage business are relying on mobile devices to stay competitive. They need to stay in touch at all times and provide quick responses to their customers. Smartphones and tablets can be taken anywhere and give users an edge to help them stay competitive.

Unfortunately, devices that are easy to carry around are easy to carry away. Thieves made off with over 2 million smartphones in 2014. It's not just the loss of the device that's the problem, but the data that's on it or that a thief can get at from it. Letting a criminal view the company's business records or send emails impersonating an employee could mean major trouble for your mortgage business.

pMobile phones also face distinctive data security risks. Protecting your mobile device involves four areas: keeping it safe from theft, preventing thieves from using it, dealing quickly with theft if it happens, and observing good physical device security practices.

1. Preventing Theft

Keeping a tablet or smartphone out of the hands of thieves simply requires exercising common sense. Here are some tips:

  • Label your device with contact information. Engraving is best, since it won't come off and makes it harder to sell.
  • Never leave a device in a car, or at least make sure it's well-hidden. Smashing a window and grabbing any loose items is too easy.
  • Never let it out of sight in a public place. Keep it in your pocket or purse when you're not using it, so you don't carelessly walk away from it. Make sure it's still on you when you leave a place where you were using it.
  • If you use it in a crowded place, be alert for pickpockets after putting it away.
  • If a stranger asks to "borrow" your phone for an important call, say no and walk away.
  • When you're charging it, make sure it's in a safe place. Leaving it on your desk at work may seem safe, but if a customer can walk by and snatch it, it's not a great choice.

Note: You need to be equally careful with USB flash drives. They're small and easy to forget.

2. Preventing Unauthorized Use

You can encrypt your device so that no one else can use it without the password. Even the FBI has trouble breaking into encrypted phones, as we've learned from the news. Infoworld offers a guide on encrypting iOS and Android devices. On Android, encryption isn't the same as password protection; make sure to enable both. Also, encrypt any flash drives that might leave the office.

Additionally, you can set the interval at which the device asks for your password; make it five minutes at the most, or require it every time you turn the phone on for maximum security. Use a password that's hard to guess; "1234" is as good as no password at all.

Good security comes in more than one layer. If someone does manage to activate your phone, you want to suffer as little damage as possible. Don't set your applications to log in automatically without a password. That may be convenient, but it can also be dangerous. Setting a single master password is fine; just make sure it's a strong password.

Keep the amount of sensitive information stored on your device to a minimum. Delete old records that you no longer need.

3. Data Security

Mobile devices face some special risks that desktop computers aren't as vulnerable to. Connecting to an unknown wi-fi hotspot can expose the device to spoofed connections and password theft. When you download an application on impulse, you might get something malicious with it.

Before you click, think about whether you really need that application and about how confident you are in its source. If you download a store's app, the store management probably has only the best of intentions, but the developer might have been sloppy and left serious security holes in it.

If It's Lost or Stolen

You can set up your phone or tablet so that you can erase it remotely if it's lost or stolen. The device has to be on the internet for you to do this, but if it isn't online when you issue the command to erase, it will erase itself the next time it goes online.

Android offers several actions you can take, so you can make sure the device is really gone before erasing it. The Android Device Manager lets you make it ring at full volume, even if you had set it to silent mode. If you just left it in your other coat, that option can save you from unnecessarily wiping your device. If it's really lost, you can perform a full reset, wiping out all your phone or tablet’s data and applications.

Apple offers a similar feature for iOS devices. You need to have an Apple ID and an iCloud account. You can check its location or make it play a sound to make sure it's really lost, and you can erase it remotely if you need to.

Report the theft promptly to the police and your employer. ABT's DeviceGuardian™ can, among many other things, help prevent data loss from stolen devices.

Final Thoughts

All this advice shouldn't scare you away from using a mobile device, but rather, it should give you confidence that you can use your mobile devices with little risk of a security breach—if you're careful and you employ the right tools.

Physical protection is one part of a secure data strategy for your mortgage business. ABT's managed cloud services keeps track of the latest information on malware, intrusion, and spyware, so that your devices stay safe. Additionally, DeviceGuardian™ can help keep your data and your devices safe, providing 24/7 security monitoring, cloud backup, and virus and malware protection. It can also remotely wipe stolen devices, when necessary.

Take good care of your devices and let the security experts at Access Business Technologies help! Please contact us for more information.

Learn More

Topics: DeviceGuardian mobile device security