Over the years, mobile devices have become more powerful and mobile apps have evolved to be able to replicate just about everything a desktop app can do.
Even programs like Photoshop, which you would not think particularly well-suited to mobile use, now have mobile versions that can do many of the same functions as the PC version.
The rise of the mobile device as the main computing device for many people has led to a takeover by the smartphone and tablet of both home and work activities. In 2016, web traffic in Canada was made up of just 29% mobile devices. In 2021, that number jumped to over 40%.
According to a study cited by Microsoft, 60% of office endpoints in a typical company are mobile devices. And while most employees will have both a smartphone and computer, the study also estimates that as much as 80% of the workload has shifted to mobile devices.
What this means for business network security is that mobile devices need to be addressed. This always hasn’t been the case. Companies focus on securing servers and computers, but smartphones and tablets often slip under the radar.
In a lot of cases, this is due to a BYOD (Bring Your Own Device) program, where employers aren’t sure how much oversight they should have on a device owned by an employee.
But with today’s mobile device managers, such as Microsoft Intune in M365 Business Premium, a company can easily provide necessary security for their business data without being intrusive.
To build a good security strategy, it’s important to know the threats that you need to defend against and train employees to avoid them. Here are some of the biggest.
When you’re rushing from one airport gate to another and your smartphone is running low on battery, a public charging station with an open port is a welcome sight.
Most people will plug in with their phone’s USB cable without another thought. But those charging stations can be a trap. Digital thieves can insert malware into the USB ports that can infect a user’s device as soon as they connect.
The USB cable does more than just transfer power, it’s also a data port for two-way communication. Making it an easy way to infect your device with spyware and copy everything on it.
Fixes: Only charge using the electrical outlet, not USB, or use a “charge-only” USB cable.
In 2020, 46% of surveyed companies had at least one employee download a malicious mobile app. Mobile malware has been growing, and it’s fairly easy to reach victims. Just make an attractive app and offer it for free.
Users will download it without doing much research, and it can then infect their device with a virus, ransomware, or other types of malware. Mobile malware is designed to do things like seek out online banking app details and travel to other connected devices on a network.
Fixes: Ensure all employees have a strong mobile antivirus installed and that their devices are kept updated.
Data leakage is when sensitive data is accidentally exposed. This is another cause of data breaches and can mean as costly a data privacy penalty as an intentional attack.
Gaps in encryption can happen when employees share sensitive data over non-secure channels, such as a messaging app or via text message.
Fixes: Identify secure apps and methods of sending sensitive information via mobile devices and train employees on which methods can and cannot be used.
It’s been known for a long time that hackers can hang out on public Wi-Fi and use special code to spy on the unprotected communications of anyone else connected to the same network.
This is still a big problem because of the popularity of connecting to Wi-Fi when out in public places for both speed and to save mobile plan data.
Fixes: Use a VPN application for mobile data security or switch off Wi-Fi and use your mobile carrier’s connection while inputting any sensitive information (passwords, credit card details, etc.).
Phishing via text message, known as smishing, has been growing rapidly as mobile phone numbers become easier to get. Many retailers and other organizations now encourage customers to sign up for mobile alerts and messages. This makes it even easier for scammers to fake text messages and entice the user to click on a malicious link or send back sensitive data.
Fixes: Train users on smishing in addition to email phishing so they are aware of the threat. Install DNS filtering on mobile devices to block dangerous websites.
Haxxess can help your Northern Ontario business improve mobile device security using the right solutions.
Contact us today to schedule a free consultation! Call 705-222-8324 or reach out online.