Verizon recently released its Mobile Security Index 2021 report, which provides details on the current state of mobile device security risks and the types of attacks companies should be prepared for.
The report illustrates the shift towards more mobile working and the fact that the security of smartphones and tablets hasn’t yet caught up to that of PCs. While offices are becoming more dependent upon mobile devices, those devices are creating more risk for business networks if not properly secured.
According to the report, 71% of surveyed organizations say that mobile devices are “very critical to their business” and 53% said their company has suffered major consequences in the past from a mobile-device-related security incident.
40% of surveyed professionals say mobile devices have become the biggest IT security threat.
While mobile devices are gaining more prominence at work, hackers have noticed and have been unleashing more mobile-specific attacks, such as banking trojans and spyware hidden inside mobile apps.
Businesses need to realize that users are now doing the same things and accessing the same sensitive data via mobile as they do computers. This means that smartphones and tablets (both company-owned and employee-owned) need to have the same strong protections as PCs.
Tactics for Keeping Mobile Devices from Being a Security Problem
Require Use of Lock Screen
One big risk with mobile device security is that phones and tablets are easily lost or stolen. If a thief gets their hands on a smartphone used for work, they could easily access platforms that have a persistent sign-in (always keep you signed in). They also have access to any text or app-based multi-factor authentication, which could give them access to multiple cloud and website accounts.
Using a lock screen might mean a few more seconds to unlock a device, but it can also give you time to remotely lock or wipe a device should it be lost. That can make all the difference between a major data breach happening due to a lost device and being able to lockdown information before it’s compromised.
Use a Business VPN
Between 2018 and 2020, the number of global public Wi-Fi hotspots has increased 63% to 454 million. As mobile phones are being carried around, they can be connecting to any number of public, unsecured networks.
Public networks hold a big security risk for a man-in-the-middle attack when a hacker is on the same public network and using special tools to spy on the activity of other users.
Adding a business VPN is one of the important tools in any cybersecurity checklist. Once signed up, you can add your employees, have them download a mobile app, and it will secure their internet traffic through encryption. This keeps the data secure, even when on public Wi-Fi.
Keep Track of Mobile Devices with a Mobile Device Manager
Mobile devices now make up about 60% of the endpoints in a company. They can be connecting to your business data from any location and that location often changes throughout the day.
Mobile device managers, such as Microsoft Intune, give companies a way to secure the business side of employees’ devices.
An MDM enables remote monitoring and administration for:
- Which devices can connect to your business apps
- OS and software updates
- Locking or wiping a lost or stolen device
- Enforcement of IT security policies consistency across all devices
Research Apps Before Downloading Them
Employees should be instructed not to download any apps from outside a legitimate app store (Apple, Google, Microsoft). But even when downloading from an app store, it’s important to research an app online first to ensure it’s not a fake with hidden malware or one that overshares data.
Even fake apps can end up in a legitimate app store for a while before they’re found out and removed by the platform. Mobile malware has been increasing as the use of mobile devices at work has risen.
Employees need to be aware of the security of any new apps they install before they install them, and the fact that some malicious apps will actually hide their icon after being installed to make removal more difficult.
Install a Mobile Antivirus/Anti-Malware App
PCs aren’t the only device that needs an antivirus/anti-malware application, it’s also important to have one protecting business-use mobile devices.
All mobile devices used for business use, even if it’s just to receive work email, should have a reliable mobile version of an antivirus/anti-malware application. This helps ensure any infections are caught before they cause major problems and travel through your network to other devices.
Get Help Implementing a Mobile Device Security Plan
Pro Tech Guy can help your Framingham business put a cost-effective mobile device security plan in place to ensure your company data isn’t at risk.
Contact us today to learn more. Call 508-364-8189 or reach us online.