Every so often I have to dive back into the waters of mobile security and offer up a hard truth for users to swallow. Most often those truths are pretty easy to accept, such as never installing a piece of software unless it's found in the app store for your ecosystem (Google Play Store and the iOS App Store), using a password manager, or always making sure to keep both apps and the operating system updated.
Also: The top phone security threats in 2022 and how to avoid them
Anyone can follow those best practices. They're simple, harmless, and require very little effort on the part of the user.
But then there are other best practices that aren't quite as easy to follow. Unfortunately, IT admins have had to constantly remind end users to not do certain things for years. And yet, they still happen. No matter how adamant the IT admin is or the consequences of an action might be, end users continue to ignore those warnings, only to wind up having to turn to IT to solve the problems. more here