Personal electronics are transforming the way businesses operate. More than ever before, employees are encouraged and empowered to connect to their virtual meetings over mobile, or work from their favorite devices.
While ‘bring your own device’ policies have undoubtedly improved employee satisfaction and boosted productivity, controversies have developed regarding unreasonable expectations that workers are always online or on call. This is a valuable discussion to have, but that’s not what we are focusing on today. Instead, our attention is fixated on cybersecurity.
Mobile devices, like smartphones and tablets, offer a unique conundrum for cybersecurity professionals because these machines are used both for personal and professional purposes; and the line is beginning to blur.
Smartphones and tablets are relatively new and their uses are expanding every day. An employee might check their work email in the morning, download a news app in the afternoon and do a little online shopping in the late evening. So, what’s the danger?
Since mobile devices can be taken out of the office, they do not benefit from the same firewall protections as in-house computers. To keep mobile data costs low, employees often take advantage of free public Wi-Fi from airports and coffee shops, which has its own set of risk.
A surprising 60 percent of consumers believe public Wi-Fi to be safe and are completely unaware of honeypot and ‘man in the middle’ scams which are used to steal data, pilfer contacts and spy on traffic to and from your computer.
Not to mention that attacks on mobile devices are on the rise. Decades-old phishing, spoofing, Trojan download and malware scams are making the jump to mobile. Even legitimate apps are notoriously lacking in security checks. According to Dark Reading, 33 percent of businesses never test their apps for security before they go to market.
There are also legitimate concerns about insecure data storage, excessive app permissions and unencrypted messengers. Take, for example, the massive iCloud data breach that occurred in August 2014 which leaked hundreds of celebrity private photos online. And unlike desktop computers, mobile devices sometimes fall out of pockets and purses and into the hands of crafty criminals.
Would you want your organization’s most valuable information exposed this way? Of course not! So, how can your business protect itself?
If you are concerned about the security of your data, you may want to invest in mobile app security from a reputable provider like Shape Security. Cybersecurity experts understand the necessity for mobile devices in the workplace and the inherent risks that follow.
While it is nearly impossible to eliminate all threats of hacker incursion, there are steps you can take to sure up your defenses against data leak.
Use a VPN: One of the best ways to keep your data safe is to invest in a virtual private network (VPN) that provides a dynamic and secure connection between your phone and your company’s gateway. In rough terms, a mobile VPN works like an in-office firewall to keep unwanted eavesdroppers away from your data in transit.
Cover Your Tracks: Lost your phone? Forgot to lock your device with a PIN or passcode? Remote wipe apps are a wonderful way to delete your personal and professional information from a lost/stolen tablet or cell phone. Better to wipe the slate clean than to let your secrets fall into the wrong hands. Anxious about losing your data? Backup your information to a secure cloud, your computer or external hard drive.
Educate Your Employees: Regrettably, human beings are the weakest link in cybersecurity — and hackers know it. If you really want to keep your company safe from cybercrime, talk to your employees about the threat of mobile incursion. Host quarterly trainings to discuss cybersecurity best practices that touch on public Wi-Fi, password protocol, mobile app security and more.
Understand App Permissions: The next time you download an app, stop and look at the permissions. Does your flashlight app really need access to your contacts? Does your favorite mobile game require access to your call logs to function? Keep an eye out for red flags such as these. If you or your coworker are unsure about an app, it’s probably best to talk to your IT department before using it.
Novel attacks on mobile devices are still developing, so it’s absolutely vital to start protecting your business today. As you know, it’s better to take the necessary steps to protect yourself now rather than after a cybersecurity incident.
You might also enjoy: The Consumerization of IT