Keys to Mobile Security

Mobile Security.png

Business mobility is sitting high up the priority list for CIOs in 2019. New research shows 64 percent of enterprises rank improving mobility and mobile security as a top priority. They see mobile access as key to improving employee talent, internal communication, making decisions faster and cutting costs. Mobility, however, comes with challenges. Top of that list is security.

Worries include:

  • Data leak prevention

  • Intrusion detection and prevention

  • Managing access to data

  • Preventing data loss when devices are lost

The concerns of IT leaders are easily justified. 82% of those surveyed said mobile devices can access most of their corporate data. As more enterprises introduce bring-your-own-device policies, more data will be put at risk.

88% of Android devices are vulnerable

University of Cambridge computer scientists recently found that the infrequent release and user reluctance of security updates for Android devices has left 88 percent of them vulnerable to at least one of 11 critical security flaws.

Apple is not in the clear either. The nature of iOS makes it hard for the same analysis to be done on iPhones and iPads, but the researchers said they expected the same level of vulnerability in the Apple ecosystem.

The sources of the danger

An employee downloads something infected with malware or connects to an unsecured WiFi network. The routes to compromise are many and easy to conceive. Once the malware is installed, it begins hunting for or capturing corporate data using the device’s access.

The greatest concern in these scenarios is the general lack of visibility that IT administrators have into potential mobile security issues. Most malware cases go unnoticed until it is too late.

Mitigating risk

Given that the growth in mobile usage is unstoppable (desirable, in fact), mitigation of risk is the only remaining approach.

A separate network for BYOD devices gives you a checkpoint to make sure personal devices and mobile apps are validated. A master security policy can set out exactly what information mobile devices can access. Secure mobile access solutions with context-aware authentication, network access controls and a virtual private network help keep access to only authorized users and mobile apps located on validated devices.

Also:

  1. If you develop and deploy your own enterprise apps, put them through a security vetting process

  2. Treat mobiles like laptops permanently connected to a network outside your control

  3. Know what applications your staff use to access your data

  4. Where possible, encrypt data at both ends of the transaction

  5. Protect data first and the device second. (Your mobile data management system should allow you to wipe a device remotely. Losing data on a server is a far bigger headache — loss of business, furious customers, lawsuits…)

We are here for your security needs!

Name *
Name

We Value Your Feedback

Was this information helpful?
Wast this an interesting read?
CurrentTech_Horizontal.jpg