Statistically, people are 20 times more likely to be a victim of cybercrime than of a robbery in the UK.
UK businesses experienced an average of 686,961 individual attempts each, to breach their systems online in 2020. This is an increase from 576,575 in 2019.
Small businesses in the UK are the target of an estimated 65,000 attempted cyber-attacks every day, according to new figures from specialist global insurer Hiscox.
This is unsurprising, as they represent the ideal target for a cyber-attack on businesses if you do not protect them properly.
The security of business smartphones is therefore more important than ever before.
Your employees use them daily to store and share sensitive customer and corporate details.
Without proper security, this data is at risk.
Behavioural changes to improve business smartphone security
There are some behavioural changes you can make to improve the security of your smartphone. These include:
- Training your employees to be cyber aware
- Ensure employees never “jailbreak” or “root” a mobile device
- Encourage employees to keep smartphone software up to date
- Discourage employees from using public WiFi, especially when sharing sensitive data
However, even if your employees follow the guidelines above, it’s still important to have basic security installed on all business smartphones to keep your data safe.
These could be simple things like using passcodes and biometric unlocking, to more complex protection like managed device encryption.
Fortunately, smartphones come with security built in so whether you use Apple’s iOS or are more an Android fan, you’ll get some high level protection built into your phone.
But is one of these operating systems more secure than the other?
How does iOS security work?
Apple’s mobile operating system, iOS, is tightly controlled by Apple itself, along with the apps available in the App Store. This means Apple devices offer good security “out of the box”.
Whilst iOS users will find themselves limited to Apple-approved devices and apps, this is a positive for streamlining security. Apple’s smaller platform means that even older smartphones may be able to run the recent OS and apps, reaping the benefits of new security updates in the process. iPhone security, as a result, has gained a “safer” reputation amongst some users.
Additionally, the closed system only permits those apps that don’t access the phone’s root coding.
How are iOS updates managed?
You can turn on automatic updates so that you don’t have to update each app manually. Or if you prefer, you can turn off automatic updates and update apps manually.
Apple releases iOS updates roughly quarterly, but it can sometimes be six months between major security updates.
How secure is iOS?
Overall, iOS is a very secure operating system, but you do need to put some additional settings in place. Here are ways in which an admin can control security on Apple devices:
- Device password – Your admin can ask you to set a password to lock your screen. The password settings might require:
- A minimum number of characters
- An expiration date
- A time limit before your screen automatically locks
- An automatic wipe of your device (equivalent to a factory reset) if there are too many failed password attempts
- Locked screen access – Your admin can control what you can access when your device is locked, including:
- The Control Centre
- The Notifications Centre
- The Today View
- Remote wipe
- Remotely wipe your work account from your device – This will remove all data associated with the account from the device.
- Wipe the entire device – This includes all personal apps and data. Businesses will often require this if an employee’s device is lost or stolen. You can restore personal content using Apple iCloud backup.
- Managed apps – Admins can:
- Control which apps an employee is allowed to install on their business smartphone.
- Remotely remove apps and associated data.
- Use managed apps to open an employee’s personal documents.
- Share documents created in managed apps with Apple AirDrop.
- Store documents created in managed apps with iCloud.
- Control whether employees can copy or share data between apps. Drag content between Google Workspace apps in any account.
iCloud – Admins can allow employees to connect their device to iCloud to store data and then sync it between authorised devices. You could set a requirement that the device automatically backs up to iCloud every day.
- Note that this will only happen if the iOS device is turned on, locked, and connected to a power source.
- Safari – Admin can control some features in Safari, including:
- Autofill when employees complete an online form
- Fraudulent website warnings
- Pop-up windows
- Cookie usage
How does Android security work?
Android as an operating system is very secure.
It has several layers of protection to safeguard from malware, and it requires your explicit permission to do almost anything that could compromise your data or the system itself.
Unlike iOS, Android is an open source system, meaning everything needed to install and run an Android application on your phone (including the app’s code) is fully viewable and editable by anyone.
While this often leads to some concerns about security – because technically anyone can make edits in the system – many of the popular business apps are not open source, meaning they retain higher levels of protection.
Android will always try to protect its users, but ultimately it’s up to you what you install, where it is installed from (such as unknown sources and beyond the safety of Google Play) and who to give permissions to.
How are Android updates managed?
Android will notify your employees that a system update is available, and they can choose to install the update immediately or later.
Using your device policy controller (DPC), an admin can manage system updates for the device user.
DPCs can own a fully managed device (called a device owner) or can own a work profile (called a profile owner).
The table below shows how device owners can manage system updates, while profile owners can only report information about system updates.
If the DPC shows that devices have pending system updates, the admin can ask device users to install any critical updates promptly.
Unlike iOS, Android admins cannot install updates and apps on the device owner’s behalf.
|Task||Device Owner||Profile Owner|
|Check for pending system updates||✔||✔|
|Receive callbacks when new system updates become available||✔||✔|
|Set a local update policy to control when Android installs system updates||✔||❌|
|Freeze the OS system over critical periods||✔||❌|
How secure is the Android OS?
Most Android smartphones will get security updates that should stop most major types of remote exploits. Android has a reputation as being less secure than iOS because it’s an open source platform but, with the right precautions, it can still be just as safe.
What can you do to add extra security to your business phones?
Mobile Device Management (MDM) is the process of enhancing your corporate data security by monitoring, managing, and securing your team’s mobile devices.
MDM allows IT teams and admins to control and distribute security policies to the mobile devices of all their employees who are accessing sensitive corporate data, ensuring the corporate network is secure.
Enterprise Mobility Management (EMM) usually consists of a suite of mobile management systems and services that protect intellectual property, specific processes that ensure data security, and systems that integrate with a wide range of enterprise IT systems to meet a range of business needs.
Unified endpoint management (UEM) is a mix of the above two systems, with AI and proactive threat detection included to fight cyber threats.
Which OS you choose depends on your preference, your business needs and how easily you can manage your smartphone security.
New mobile phones are the best choice for increased security as they have the latest software updates and come equipped with the threat protection that you cannot download on older operating systems.
Is it time to upgrade your business mobile phones to keep up with security threats?
At Communications Plus, we offer the latest handsets from a range of manufacturers and operating systems, all of which come with the very latest security updates as standard.
We also offer a variety of contract options with leading network provider O2 (4-time winner of best network coverage and 2-time winner of best network performance).
Contact us today to find out what Communications Plus can do for you and keep your data safe with the best mobile phone security for your business.