We’re all familiar with the chilling feeling of reaching for your phone in your pocket or purse only to discover it isn’t actually there. Losing your smartphone is always stressful, but it’s an especially dire situation to find yourself in if the phone had work-related apps and data on it. In the wrong hands, that misplaced device could lead to a catastrophic data breach for your company.
If you leave your smartphone somewhere public, it’s likely that whoever finds it will try to access your apps and info. The Symantec Smartphone Honey Stick Project tested what would happen to 50 intentionally “lost” phones left in heavily trafficked public locations (e.g., elevators, food courts, malls, and so on, in major U.S. cities). Almost all (96 percent) of the lost phones were accessed by the people who found them, and 83 percent of the phones were accessed for corporate info and apps.
Luckily, there are steps you can take to secure devices like smartphones remotely and prevent the exposure and theft of sensitive information. Here’s everything you should know about what to do if you lose your work phone to minimize the damage and prevent a possible data breach.
What to Do If You’ve Lost a Phone with Company Data On It
If you can’t find a smartphone with work-related apps and info on it, it’s important to act immediately and do what you can to secure the device and stop any unauthorized individuals from accessing corporate data.
Here are the steps you should take if your work phone is missing.
1. Contact your wireless provider. They can suspend or disconnect service, according to Norton by Symantec.
2. Notify your company’s IT department and security personnel. If your organization has a Mobile Device Management (MDM) solution in place, they might be able to use it to locate your device, lock it and wipe it of any sensitive data, Samsung states.
3. Remotely locate and lock your device via your Apple or Google account, if your company’s IT department can’t tackle those steps for you. You can do this if you’ve enabled Find My Mobile for Samsung devices or the Find My app for Apple products.
4. Change the passwords to all accounts and apps you access from your phone, just to be safe and ensure no unauthorized parties can access them.
Preventive Steps Businesses Should Take Before Anything Gets Misplaced
Of course, the best way to prevent a data breach caused by a lost device is to make sure you have security measures in place before the phone even goes missing. Employees and business leaders should implement the following safeguards for all mobile devices used for work purposes.
1. Turn on remote tracking for all devices, as described above.
2. Back up all data on mobile devices.
3. Implement device encryption. Less than one-third of companies report using full-disk encryption, and up to 5 percent of devices don’t have a lock screen enabled, according to Verizon’s 2019 Mobile Security Index.
4. Ensure that users are aware of and follow best password practices, such as setting strong passwords, changing them regularly, not allowing browsers and apps to save them, and not using the same password across multiple accounts.
5. Use an MDM solution that allows the company’s IT team to centrally manage all mobile devices and enforce security policies.
6. Enable multi-factor authentication for all accounts. Hackers who have your phone in their possession can bypass this if you’re using a method that involves codes sent via SMS or an authenticator app. However, this will add an extra layer of security in scenarios where other devices like laptops get misplaced.
If you’d like to learn more or have questions about securing mobile devices and what to do if you lose a work phone, feel free to contact our team of security analysts. We have extensive experience with various managed cybersecurity solutions and services, including device encryption, two-factor authentication, MDM solutions and more. Get in touch today by calling 877-599-3999 or emailing firstname.lastname@example.org.