Mobile Phones : An IT Security Risk in Your Pocket

Everybody has one. But since it’s so small and ordinary, you probably don’t think about it too much. And you would never think of it as a security risk to your company’s IT network.

If you’re not thinking about it too hard, your colleagues most likely aren’t either.

For some, it’s a target. When they hit it, they win the grand prize: access to sensitive and profitable information.

What on Earth are we talking about? We’ll cut the cryptic nonsense.

It’s your smartphone.

You may be thinking ‘But how is this a security risk?’.

Well, you and your colleagues probably use your smartphones to look at work emails and other data. Which a hacker would love to get hold of and try to make money from.

They could do this by:

  • Getting hold of a lost or stolen phone
  • Exploiting a public WiFi network
  • Creating a malware-infested application

Luckily, there’s something you can do to greatly reduce your chances of having information compromised.

You can encrypt your smartphone.

This locks the data with a password. No password, no access. It’s a big step to making your phone safer. There are even more steps you can take, which we’ll talk about later. For now, let’s look at what encryption is in more detail.

Read more: how to encrypt your Office 365 emails and documents

What is Encryption?

Encryption scrambles the data on your phone, making it unreadable. If you want to see the data, you’ll have to enter a password. When you choose to encrypt something, you’ll get to set the password. It’s then up to you to share that password responsibly.

With internet privacy and cybersecurity being big issues right now – and we don’t see them getting smaller anytime soon – encryption helps you keep sensitive data out of dangerous hands.

Businesses know about the threat and consequences of a data breach. However, you shouldn’t be any less vigilant when using their websites. Always check these have a secret sockets layer (SSL), and a green padlock icon and S in the ‘https://’. These are basic security benchmarks.

Hacking has become a huge industry. No matter how big or small your company is, hackers will try to breach your security if there’s a profit for them in it. Sometimes their methods are technical, other times not. This is exactly the case with smartphones.

Read more: how to stop an email spoofing attack with non-technical solutions

The Risk to Smartphones

Lost and stolen devices

If your smartphone is lost or stolen and the data on it isn’t encrypted, anyone will be able to see this.

Public WiFi networks

Checking your emails while sipping coffee is great. You’ll likely do this using a public WiFi network, which are famously insecure and easily compromised by hackers.

Hackers may even set up their own WiFi networks in order to poach data from their victims.


Smartphone apps can easily come with malware that’s designed to read the data stored on them.

Anyone can upload an app to the Android store, increasing your risk of coming across malware. The Apple App Store is a little bit more restrictive in who can upload apps, but the risk of finding a malicious app is still there.

How Encryption Reduces the Risk

So, with all those risks to your phone’s security, what exactly can you do to make it safer? Quite a bit, actually. But there are some things that your phone does for you.

iOS and Android devices come with some form of built-in encryption. iOS has 256-bit AES, which is also used by the US military. And many Android phones run Marshmallow 6.0

How do these methods, plus the extra actions you can take, improve the security of your device? By making the data unreadable without a password.

If a thief gets their hands on a stolen phone, they won’t be able to see the encrypted data. If a hacker sets up an illegitimate WiFi network, they won’t be able to see the encrypted data. If you accidentally download a malware-heavy app, it won’t be able to see your data.

What Else You Can Do

Two-factor authentication

This is the process of having two-steps to access a device. The first step will be the device itself. The second will be the password. So it’s a pretty standard protocol that comes by default on most mobile devices.

Virtual private network

Adding a virtual private network (VPN) to your mobile provides an extra layer of encryption. It stops anyone on the outside of your device from seeing what’s on it. This is particularly useful for when you’re using a public WiFi network, which may be unsafe.

Anti-virus software

This isn’t just for your computer. Many smartphones can also be fitted with anti-virus software to help scan for malware and other viruses. ESET is a great example of what’s available for Android devices.

Encrypt Everything Now

Everyone carries a smartphone with them. You probably do too. It’s convenient for looking at important data on-the-go. But this makes it a big security risk for your business.

If a hacker gets their hands on your phone, the data on it is all theirs. And there are a number of ways they could do this, such as:

  • Finding a lost or stolen phone
  • Exploiting a public WiFi network
  • Using an app to infect your phone with malware

But encryption, which scrambles and locks your data, can help you to prevent the likelihood of this happening. Some devices even come with a level of encryption built in.

You can make your device even safer by:

  • Using two-factor authentication
  • Installing a VPN for public WiFi networks
  • Getting anti-virus software for your phone

For more advice on improving cybersecurity in your business, download our quick guide. It’ll show you how to get safer in minutes.