We’ve always recommended that you take care to protect your mobile devices, whether they are phones or tablets: at the very least you should have a swipe pattern or, better still, a PIN or biometrics (fingerprints, facial recognition etc.).
We’re now upgrading that advice in light of recent research and now recommend that you have a PIN as a minimum level of security.
In fact, we’re going to roll that out for all of our clients who use Office 365 for email.
Over the next few weeks we’ll be applying the security policy to require you to use a PIN on any mobile device which uses the service. We’ll contact you directly before any change is made so you are fully prepared and have a chance to ask any questions.
There are very important reasons for this, which we’ll detail in a minute, but if you have a strong desire to opt-out as a company please get in touch.
If you don’t use Office 365 through EJC, we recommend you seriously consider adopting this policy anyway, although of course we can’t make you do it.
Why are we doing this?
Our clients and our wider network look to us for best practice solutions, and we’ve become increasingly concerned to see the weak link mobiles represent in a very important chain. Too often, we see mobile devices which are entirely unsecured and we’ve therefore come to the conclusion that simply advising you to secure your phone is not enough.
If someone can pick-up your mobile and immediately access your email, they have a lot of opportunity to cause you harm. They can reset your password on almost any website you log-in to. They can view all your contacts, your calendar, your files, and make contactless payments. They can pretend to be you.
We think this is a huge risk to take just so you don’t have to type in a few numbers when you pick up your phone. It won’t stop you answering the phone, and it might feel unnatural at first, but you’ll quickly get used to it.
“I really don’t want to do this”
If you still absolutely don’t want a PIN on your phone, we can discuss exempting you from this requirement, depending on your company’s policies and responsibilities.
We will, however, ask you to sign a document confirming that you have taken the decision against our advice.
Please call us on +44 370 600 9711 to discuss further.