As part of an update last week to the operating system for Android smartphones, Google made a simple tweak that could make business data more secure.

It wasn’t dramatic or done on the cutting edge of technology – the company explained it in just one sentence in the new code’s supporting document.

Under “Security and privacy”, Google said it had added a feature that “enables a future optional security feature, which will automatically restart your device if locked for three consecutive days”.

It doesn’t sound like much, but it’s actually pretty neat. The reason for Google’s change is pretty clear: if you leave your smartphone unattended for a while, it may be at increased risk of being accessed by someone who doesn’t have a right to the data contained inside it.

Given the number of Android devices in the hands of workers at smaller businesses across the US, it’s a reminder that in these times where information security is increasingly important, you should double check your company’s cybersecurity is up to scratch.

The list of potential data security hazards to Android phones is long, and easy to understand. An employee’s phone could get mislaid, stolen, or simply left on their desk over a holiday weekend because it’s a company phone and wasn’t needed for the holiday. Rebooting the device automatically after a period of inactivity is all about making it more difficult for unauthorised people to gain access.

As news site TechCrunch explains, when a phone is turned off some of its data is fully encrypted, and harder to access without knowing the user’s passcode – it’s called the “before first unlock” state.

Once you’ve unlocked the device once, there are some devices and hacking tricks that can be used to force the phone open – TechCrunch notes this is generally how law enforcement performs forensic device searches (an issue that in the political spotlight at the moment.) Google’s slight adjustment is all about ensuring that if your phone spends time inactive, for whatever reason, it’s going to be harder to force entry.

Recent estimates say Android has around a 42% market share in the US, and that the number of smartphones owned by the average US company is forecast to grow steadily through the five year period 2022 to 2027. In 2023, statistics website Statista reports, each American business owned an average of 19 smartphones. By 2027 this number will be over 43 smartphones per company. By definition this means millions of Android phones are used as company devices…and Google’s small tweak will help secure them.

It’s also a timely reminder that you should regularly go over the cybersecurity protections and data safety habits your company and staff follow. Smartphone thefts are on the rise, with some estimates noting that as many as one in three robberies involves the theft of a smartphone – a figure that may be much higher in some urban areas.

Given the sheer amount of data contained in a modern smartphone this is an issue for any user, and could be especially problematic for a company phone that may contain sensitive, proprietary or even legally-protected information critical to your company’s future.

The issue is so important that Verizon has a dedicated webpage acting as “a guide to small business loss prevention for mobile devices.” The network provider reports that “all types of organisations are adding mobile and IoT devices into their daily operations”, and that many people even use their own device as a company asset.

Verizon also points out that its 2024 Data Breach Investigations Report showed that “lost and stolen assets led to far more data breaches in the current reportable year (91%) versus the previous year (8%)” with the vast majority of these breaches coming from “lost” devices.

Against this background, Google’s tweak to Android’s security settings makes good sense. – Inc./Tribune News Service