Mobile devices have been a major boon for businesses. It’s now possible to keep in constant communication with employees who are working on the job site via video conferencing and with customers via social media and texts. You can access your data no matter where you are, allowing you to quickly gather information on the go. Keeping up with your emails and appointments is quick and easy, too.

But there are some downsides to mobile devices, especially when it comes to security. If you don’t keep these devices secure, it can be very easy for someone to access and steal your company’s data. More and more data breaches are coming from mobile devices, especially ones your employees bring into the office on a regular basis. You can’t tell your employees they can’t bring their smartphones or tablets to work, so what can you do? Here are five ways you can help protect your data from mobile breaches.

1. Educate Your Employees on Mobile Device Security

You may assume most data is stolen because hackers break into your system after hours of working to break through your security measures using a number of unscrupulous methods. You might be surprised to learn that’s not really the case. Most are able to get access to your system within a few minutes because one of your employees has used an incredibly simple password. In 2015, some of the most popular passwords were things such as “123456” or “Password.” Even systems that forced users to use a more complex password might simply use their name followed by a number.

Of course, even if you make your employees use a strong password on their work account, there’s no guarantee they will follow this practice on their mobile devices that they’re bringing to your office. By teaching your employees how to create strong passwords, recognize phishing scams, and understand how network attacks occur, you’ll improve your own security and help them improve their own.

2. Create Bring-Your-Own-Device Policies

Your employees are going to bring their devices to work with them. You can’t change that. What you can do is create policies that govern how they use those devices while in the office. Most employees aren’t really thinking about what they’re doing. They use their smartphones and tablets all the time. It’s reflexive – someone hears their text message sound go off and they grab their phone without even thinking about where they are.

While it’s true that you do have limits as to what you can do with an employee’s personal mobile device, it’s also true that you can completely block those devices from accessing your network. You can also require employees to install a company-approved app that encrypts any data they receive from the company network. These apps may add additional security procedures, too. Some employees may not want to do this, and that’s okay. They just have to realize they will not be able to access anything on your network from their devices.

You may also want to install an intrusion detection system like Snort. Snort will scan your system continuously looking for intruders. If it finds anyone, even an employee, trying to access something they should not or attempting to modify the network in any way, it will lock that user out of the system and notify you.

3. Make Your Data Available Through an App

When it comes to mobile devices and data access, you have two options. First, you can let employees download data to these devices. Second, you can create an app that allows employees access to your data. The first option means that you have to secure every mobile device that has your data on it. The second means you only have to secure access to your data. By considering each device a portal to your system instead of a business data storage area, you can focus your security on one area instead of trying to protect all these different devices.

4. What Do You Need to Protect?

This is another major question that can help you focus your security on what matters. Do you need to protect all the data you have? Should all mobile devices be able to access your entire network? If you don’t need to allow employees access to certain information, why do so? That only makes it harder to protect that information.

For example, if your sales team is using their mobile devices to run credit cards, they will need access to your products and may need to be able to access the customer database to see if customers have any particular needs or have earned rewards points. However, they have no need of any HR information or company financial spreadsheets. They shouldn’t be able to access this information at all. If they try to, your intrusion detection program will quickly alert you to the possible hack.

Decide what information may need to be accessed outside of the workplace and what information will only be needed when employees are at their desks. This will help you keep your most sensitive information locked behind even stronger barriers that mobile devices cannot get to at all.

5. Implement Best Security Practices

As security evolves, you have to keep your system evolving with it. Many businesses implement what are the best security practices at the time, but then they never go back and update their system. As hackers come up with new ways of breaking through security, software companies have to match them. This means there are new updates and entirely new security apps and tools being developed all the time, and your system is going to quickly become obsolete.

Make sure your security programs have no vulnerabilities, and continuously watch for security signals that indicate you need to update or upgrade your programs. Always install all patches as they come out, especially if the company announces that hackers have taken advantage of the issue the patch covers. Your network security is never something you do once and then forget about. It has to continually grow and evolve as your company’s data needs change and new security techniques are introduced.