With the transition to the home office and hybrid regimes, the barriers between personal activities and work have become even less visible. It’s hard to find someone who doesn’t use their own device for professional activities, be it access to internal systems or that peek at emails; simple and commonplace activities, but which can also bring risks.
Separation, however, usually gets in the way of convenience, after all, it’s not very pleasant to walk around with two cell phones or use a couple of notebooks on the same table, changing devices at leisure. Criminals take advantage of this union, often enshrined in the corporate world by a BYOD policy (bring your own device) to apply, mainly, phishing scams posing as commercial contacts, business partners or even members of the organization itself.
At the same time, the use of entertainment services and games in free time also carries risks when the same device is shared. In addition to the danger of information diversion or data remaining outside safer corporate domains, there is also the possibility of attacks involving malware, spyware or even the installation of a spy app by a spouse, which may end up capturing corporate information as well. .
The alert published by McAfee experts suggests the separation of devices as the simplest way to maintain security. If this is not possible, it is worth creating separate profiles for personal and work activities, always keeping devices locked with access codes and biometrics to prevent access by unauthorized third parties; apps and operating systems should always be kept up to date.
Personal cell phones must protect security of corporate accounts
Corporate accounts, as well as accounts on social networks and other services, must be protected with strong and complex passwords, two-factor authentication and biometric verification. In the case of use in public spaces with Wi-Fi available, it is important to apply a VPN to maintain data secrecy; security applications, firewalls and antiviruses, which are also necessary, usually bring resources of this type.
Finally, it’s important to keep an eye out for phishing attacks or contact attempts where thieves impersonate companies, partners or co-workers. Check identity and think if communication makes sense through a personal messaging app or SMS, for example, avoiding clicking on links or passing data at any slightest sign that the approach may not be legitimate.
Also, users should pay attention to their company’s security policies and restrictions, making sure that the use of personal devices for work activities is acceptable. If there is a requirement to use VPNs or other requirements, they must be followed, especially when accessing public connections or those with few protection protocols.
