12-Point Mobile Application and Data Security Checklist

In today’s ‘always on’ environment, both consumers and employees seek quick and immediate access to information when they want, wherever their location may be. According to recent report by Chief Marketer, mobile marketing budgets have increased in the last 12 months for 31% of survey respondents. While the trend of accessing critical business information on mobile devices is growing, so too is the concern for making sure data retrieved is secure.

If your organization is considering deploying a mobile strategy, ensuring the safety of the information your customers and employees access on their device is crucial to a roll out plan. Even if your organization has a mobile strategy already in place, be sure to review the 12-Point Mobile Application and Data Security Checklist I’ve developed. It’s a best practices guide that can be easily shared with your customers and employees.

1. Update your Smartphone OS, irrespective of it being an Android or an Apple device, whenever any application patches or OS upgrades are released.
2. Always use a passcode to lock your device in order to avoid data leakage, especially if the device is being used by a stranger.
3. Do not jail-break, root or modify the operating system files.
4. Regularly backup or synchronize your settings and other personal information in order to avoid the loss of data due to theft. For additional security,  install device-tracking applications to find your device if it gets lost or stolen.
5. Learn about an application‘s reputation before installing it. Make sure the application vendor or developer is a trusted source, has been in business for a considerable amount of time, and has a solid reputation.
6. Always be careful when downloading applications or clicking URLs. Only use trusted application makers to download applications and make sure you check an app’ s review and ratings before you download it. Never click on unknown URLs or respond to requests for your personal information.
7. Make protecting your mobile device as much of a priority as protecting your PC – Scan for viruses, spyware regularly by installing an Antivirus or Firewall software.
8. Be careful when using public Wi-Fi hot spots, only window-shop when using public Wi-Fi hotspots. Do not make purchases, perform financially-related transactions or provide personal information using public Wi-Fi hot spots.
9. When using business applications and accessing business data make sure it has been approved by your IT department, and always use a secure connection. Optionally use VPN connection to the server and do not store sensitive data locally on the device unless it is encrypted and secured.
10. Work with your IT department to develop and implement a security policy regarding what content is allowed to be accessed on devices, how it will be accessed and how the organization will handle access to business data and applications as well as lost or stolen devices.
11. Make sure your development team incorporates security into the entire application development lifecycle by identifying and prioritizing critical applications and testing for security and vulnerabilities. Make sure to retest when applications change to protect critical assets and information.
12. Stay flexible and be prepared to evolve and adapt to the changing mobile landscape by regularly evaluating your security policies to make sure they align with mobile reality and conducting frequent risk assessments.

With smartphone penetration now at 50% in the U.S., the explosion of mobile applications for business will continue to generate mass consumer appeal. Using the guidelines I’ve discussed in my series on Mobile Applications and Data Security, businesses can accommodate the real security concerns of employees and customers while gaining a competitive advantage.