< Back to listing

Posted 1 mars 2023

How to educate your teams about mobile communication security?



According to a Dell study, 72% of employees are willing to share and send confidential, sensitive and protected information. This is not driven by any desire to harm, but simply to facilitate and streamline information flow and work processes.

In other words, the link between security and reduced productivity does exist.

And what applies to digital security in the broadest sense also applies to mobile communication security. After all, sharing a business file using WhatsApp or holding a video conference using Skype or Messenger isn't such a big deal, is it? At least, that's what your employees may think, as they may not be aware of the reality of mobile security issues. It is time to support them.

Why is it necessary to educate your teams?

When it comes to mobile digital security, everything evolves very quickly. Raising awareness and training employees is essential to develop new skills, especially to bring a certain degree of maturity to non-expert users. The goal is to reduce risks. Conveying the right knowledge, the right way helps motivate every employee to participate in their company's digital security. Because, more than ever, security is everyone's business: any measure or defense strategy would be useless without the engagement of employees. Knowing the threats, risks and dangers is not an absolute guarantee of protection, but it is an indispensable foundation for securing your communications.

While building a digital security culture within an organization doesn't happen overnight, an effective training program is its keystone. It must clarify that information security is an integral part of everyone's job, and that ownership, responsibility and accountability for risk are made evident in policies and job descriptions.

Why is security awareness also important for managers?

Should security awareness be reserved for employees?

From our perspective, not at all! Not only are managers, like any other user, likely to make mistakes and blunders in terms of mobile digital security, they also have a more active role to play with their teams.

It is essential to show that they are invested in the success of their company's security. A way to align with best practices and cyber security policies.

This means employees must understand the technologies used to ensure corporate security objectives are met, conduct regular audits and rigorous assessments, and attend required awareness training. When a manager leads by example, the positive impact for the organization (and for each employee) is significant.

Make security training more personal and interactive

While the traditional PowerPoint is inevitable, it can also be dramatically shortened. When it comes to cyber security training, nothing beats real-life examples. It should contain real-world tests in a supervised environment, that you can give to all your employees along with a business smartphone. From encouraging people to download an application outside an app store, to phishing attempts, or attacks against Wi-Fi using a fake network created for the occasion, there are many different ways to do this. 

It is not necessary to disclose the names of those who fell victims to the traps, but rather give accurate statistics on the number of users who have been tricked. This is what the French Ministry of Economy and Finance did in 2017: sending an e-mail to its 145,000 agents from an unknown sender containing a link to win movie tickets. More than 30,000 of them clicked on the links in less than two hours, which directed to a web page explaining best security practices. An effective story that can be used to put the training in a meaningful context and make an impression.

While these best practices are important for employees, they can also be applied to their personal lives. The more transferable the information, the more effective it will be in terms of memorization and application. It is an approach that ensures sustained attention so that you are much more attentive than you would during a presentation of policies and procedures.

Don't hesitate to explain how not to be fooled online, how to avoid scams, how to protect your credit cards, your confidential communications, and keep your devices secure. Protecting your mobile communications also means protecting your employer, family and friends.

Finally, it is important to give concrete and recent examples. Every company can fall victim to attacks, including SMBs. The media regularly reports on this. From the theft of personal data, credit card numbers, copies of passports and even sexual preferences depending on the sites visited, the potential impact on people’s personal and professional lives is real. Making the information relevant is essential so that it is specific to the company or the employees' department. You can also create groups of levels according to responsibilities or uses: a salesperson will not necessarily be exposed to the same risks as a financial director or a legal assistant.

Know how to defend yourself against social engineering.

Social engineering is a way for hackers and cyber criminals to gather public information about a company and its employees, for fraudulent use. For example, if a salesperson publicly posts on their Facebook or Twitter account about how proud they are to be attending a trade show abroad, what's to stop a hacker from planning an attack there? Especially if they work in a sensitive industry or company. A fake Wi-Fi network or a fake application to access the trade show would then give the hacker access to the smartphone and the information on it. Not to mention a phishing e-mail seemingly on behalf of the organizer encouraging the user to share logistical information (plane, hotel, etc.) in order to facilitate his visit.

Without lapsing into paranoia, you should encourage your employees and teams to be cautious about information shared online, in blogs, via social networks and even in e-mails.


 Which solution should you choose to secure your communications?


While strengthening protection systems always requires innovative, secure and scalable technology, it always requires the involvement of users. They are truly at the center of all mobile cyber security decisions, strategies and procedures. Involving them is essential for an effective defense network.


To do this, we have implemented the ultimate solution to secure mobile devices and communications. Cryptosmart offers you a high level of security approved by ANSSI, the European Union and NATO. Adopted by the highest government bodies and major international corporations, it provides end-to-end encryption for optimum protection of your data against the risks of interception of communications, loss or theft of your smartphone. We continue to support you with ever more effective solutions such as Cryptosmart.               


Learn more about Cryptosmart