Mobile usage is now virtually ubiquitous. It is estimated that around 96% of adults own a mobile phone. (source: Statista)
Many employees are accessing corporate data from smartphones, and this poses a huge risk to organisations and makes keeping sensitive data safe, more difficult than ever.
Whilst malware is a threat, it is not as prevalent as some may perceive, as protections are built into modern mobile operating systems.
There are however a multitude of other risks to be aware of, according to CSO Online. The way we see it, the ultimate danger is human error . . or put another way, lack of knowledge or training.
Some of the key threats to watch out for:
Data leakage or data breach
This is one of the biggest threats to organisations in today’s climate. According to some research we have read from Ponemon, companies have a nearly 28 percent chance of experiencing at least one incident in the next two years.
Some apps share data without the user having knowledge of this (who even reads all those terms and conditions?). However care must be taken.
Downloaded apps can be a major security issue for users, even those that are legitimate and claim to be secure. Mobile apps for enterprise users often request and store corporate data which is often transmitted to off-site storage facilities where the information can potentially be stolen, or hacked into, by cybercriminals.
Data loss prevention tools are available and worth considering in a belt and braces approach, but the first line of defence should also include training and educating your team.
Again human error or lack of awareness is at the heart of the problem. In spite of a raised profile, an incredible 91% of cyber crime starts with email, according to a report by FireEye. Social engineering attacks rely on cybercriminals impersonating an entity or an individual in order to trick the user into clicking malicious links or sharing sensitive information. According to an IBM study, users are three times more likely to respond to an attack of this nature on a mobile than they would on a desktop.
Your mobile is only as secure as the network that it is logged into. If you log on to an open access Wi-Fi network, you are immediately making yourself vulnerable to a ‘man-in-the-middle’ attack. This is where someone maliciously intercepts the interaction. To counteract this threat it is wise to instruct your team not to connect company smart phones to open access Wi-Fi, or if they must, ensure that you are utilising encryption.
This should be an easy one to fix but resistance remains high. Again this is a learning process and you should have strict protocols.
A ‘password manager’ is a piece of software that makes it much easier for people to use the desired ‘long, complex, unique passwords across different sites and services, without having to remember them all.
We highly recommend the use of a password manager, as does the National Cyber Security Centre.
If you’re worried about your cyber security, contact our team today on 01522 883636 and we’ll be happy to advise you.