Mobile Devices Can Threaten Your Cybersecurity

 

Business workers need to get the job done from anywhere with a mobile device, whether it's to use email, the internet, apps, or GPS navigation features. However, mobile device security is not keeping up with threats increasing rapidly in cyberspace. On the one hand, corporations are obligated to continue using mobile devices for business in order to increase convenience, raise productivity, and keep a competitive advantage. On the other hand, these same corporations must protect sensitive company data, including employees' personally identifiable information, classified documents, and customer records.

Security breaches on mobile devices are becoming increasingly popular within cybercriminal circles as a result user popularity and careless security practices. A 2016 Ponemon Institute study found that 67 percent of surveyed IT professionals said it was certain or likely that a breach had occurred as a result of mobile device use. In addition, 64 percent admitted that their organization wasn't vigilant about protecting sensitive data on this hardware, and 63 percent had no policy regarding what type of company data could be stored on employee mobile devices.

A mobile device increases the surface area of attack for a corporation. The potential risks associated with corporate mobile device use include:
Tendency to lose the device: Mobile devices are small, easily portable, and extremely lightweight. Users can easily leave the device behind in airports, taxicabs, and airplanes.
Standard computer security methods not being used: Traditional forms of security, such as firewalls, anti-virus, and encryption, are not commonly applied on a mobile device.
Unsafe user habits: Lax mobile device user habits can leave the business open to breaches. Many users leave PIN protection disabled and don't update the device on a regular basis.
Connecting to public Wi-Fi: Many users put corporate data at risk by not scrutinizing the security of public access points. These workers are anxious to get work done and will connect to Wi-Fi by any means necessary. However, a cybercriminal can create a legitimate sounding name for the Wi-Fi signal, such as "Airport Wi-Fi" and then spy on the information being transmitted to your mobile device.
Rogue Third-Party App Stores: The official iOS and Android app stores have rigorous standards for evaluating programs for safe download and use. However, the apps in third-party stores operating outside these channels typically don't have these same guidelines. Users are at risk of downloading apps that either has security holes or are coded with malware.
Devices infecting business network: A compromised device may become an attack agent and spread malware in the business network.
Phishing attacks: Malicious links in emails, SMS text messages, and mobile apps can execute keylogging software or encourage you to give away sensitive information to an untrusted source.

These risks can lead to:
• Stolen data due to loss, theft, or disposal
• Unauthorized access
• Electronic eavesdropping
• Spread of malware

 

What can you do?

Avoid unsafe Wi-Fi connections: If you're in a public place, such as a coffee shop or airport, confirm the name of the official network with an employee. Also, once you are on the network, make sure to turn off sharing, use two-factor authentication for online accounts, and sign off when finished using the network.
Enable the lock screen on your mobile device: Set the lock on your phone by requiring a PIN for access.
Use security software: Use protection software on your mobile device, including anti-virus/anti-malware protection and data encryption.
Download apps from authorized marketplaces such as Apple's App Store, Google Play, or the company's designated app marketplace.
Keep the device's Bluetooth setting out of discovery mode when not in use
Connect your device to networks via a Virtual Private Network (VPN): VPNs create a secure connection by encrypting network activity and enforcing password/location based policies. This security combination makes it more difficult for cybercriminals to intercept corporate data.
Be careful with what your click on: Make sure to inspect links closely on emails and texts. Also, don't open unexpected attachments, especially from people you don't know.
Implement a mobile device management (MDM) solution: SwiftTech can help your business monitor and manage your mobile devices on an ongoing basis. Our MDM deployment projects include a mobility assessment, expert recommendations, integration with IT systems, onboarding, and much more.

If the phone is lost or stolen:
• Report the loss to your organization, mobile device provider, and if necessary, the local authorities.
• Log into account websites on another device and change your passwords.
• Wipe the phone remotely if needed.

To learn more about our IT services, contact us at This email address is being protected from spambots. You need JavaScript enabled to view it. or 877-794-3811.


SOURCES
Johnson, E. New Study Shows Mobile Devices The Cause Of Some Data Breaches. (2016, February 23). Retrieved from: http://www.darkreading.com/endpoint/new-study-shows-mobile-devices-the-cause-of-some-data-breaches/d/d-id/1324415
Lella, A. Smartphone Apps Are Now 50% of All U.S. Digital Media Time Spent. (2016, September 1). Retrieved from: http://www.comscore.com/Insights/Blog/Smartphone-Apps-Are-Now-50-of-All-US-Digital-Media-Time-Spent
Trend Micro. 4 ways mobile devices still threaten your business. (2017, April 19). Retrieved from: http://blog.trendmicro.com/4-ways-mobile-devices-still-threaten-your-business/
Kerravala, Z. Mobile devices pose biggest cybersecurity threat to the enterprise, report says. (2015, August 24). Retrieved from: http://www.networkworld.com/article/2974702/cisco-subnet/mobile-devices-pose-biggest-cybersecurity-threat-enterprise-report.html
Ruggiero, P. and Foote, J. Cyber Threats to Mobile Phones. (2011). Retrieved from: https://www.us-cert.gov/sites/default/files/publications/cyber_threats-to_mobile_phones.pdf
Dignan, L. Your Biggest Cybersecurity Weakness Is Your Phone. (2016, September 22). Retrieved from: https://hbr.org/2016/09/your-biggest-cybersecurity-weakness-is-your-phone

 

Contact us at 877-794-3811 or [email protected] for Professional IT Support

get in touch