DONT LET MOBILITY TURN YOUR ORGANISATION INTO A MOVING TARGET
As an organisation mobilises, security issues multiply. Ajit Patel looks at the top mobile security risks, and how an organisation can better protect employees and itself from them.
What are the main mobile security threats? There are many, but the one thing they have in common is that they prey on human vulnerabilities - such as not taking enough precautions. We all cut corners now and again. If we can tackle that at source by making security practices easier to adopt we can neutralise all categories of threat outlined below. That is Siccura's entire mission.
Mobile users often give apps sweeping permissions without checking security. These free apps are found in respectable shops, such as the ‘A List' app stores. They do the job that's advertised, but they also do a lot more: such as sending your data - personal and corporate - to a remote server. It's then shared with anyone that's got enough money to buy it, from avaricious advertisers to cyber crooks.
Even enterprise-signed mobile apps can leak data. Mobile malware can even distribute code that is native to iOS and Android operating systems and spread data across corporate networks - without even raising a red flag.
You can't curb curiosity. Why would you want to neutralise the creativity of your workforce? So, the practical answer is to lock up your data before it gets into trouble.
Using Wi-Fi hot spots as part of your data diet is very dangerous. OK, it saves you money, but free ‘Woe-Fi' is a false economy because even the honest ones are easily hacked.
The worst Woe-Fi is often from fake nodes created by network spoofers. They create a fake access point that looks like helpful wi-fi but are actually traps. The user friendliness of them should be a dead giveaway. Real Wif-Fi never has a user-friendly name like CoffeeHouse or Free Airport Wi-Fi. As a rule, if it's too easy to use, it's too good to be true.
Once the crooks have conned you into setting up your ‘account' to access these free services, you'll be confident enough to use the email and password combination you use for every other service. You've just given the hackers the keys to everything you hold dear - from email to e-tail. Worse still, the bank may not be sympathetic once your account has been cleaned out, because you gave a complete stranger your identity - voluntarily.
Mobile users more vulnerable to phishing scams because - being constantly connected - they are more likely to receive the latest round of fake emails before the security companies have discovered them and put out an alert. Desktop users, who have a less immediate relationship with messaging, are more likely to get the warning before they fall for the scam.
If you can't stop people from clicking on an unfamiliar email, you need to at least put some contingency plans in place. Secure them with encryption and empower them with consent.
In many cases, spyware is installed by spouses, coworkers or employers to keep track of their whereabouts and use patterns.
Office politics means workmates might be driven by competition to adopt desperate tactics. Such as spying on their ‘frenemies' in the office, stealing ideas from each other and even taking company secrets to rival employers.
As with most forms of abuse, data is most likely to be stolen by someone you know. Only encryption can lock up your data.
The Infosec Institute warns that many app developers use weak encryption algorithms. Sometimes they use good encryption but bad installation. The only way to be sure you are safe is to use a company that specialises in mobile security that is easy to use and impossible to abuse. Go for a company whose name suggests they make you secure-er. (Seccura? Do you geddit now?)
According to the analyst Gartner data, the nature of mobile security threats isn't changing but the consequences are becoming devastating.
Mobility bestows so many benefits on large organisations. It enervates them with multiple points of sensitivity and empowers people to make decisions. Sadly, that agility can invoke jealous responses. Sensitivity can become a vulnerability as well as a strength. The fact that all the agents of the organisation - the employees - are tapping into business data from multiple devices, makes them open to abuse. Especially when many of these devices are personal handsets.
However, Siccura is a great believer in empowering people through mobility. We just have to make sure there is a water tight safe system that is so easy to use it will gain widespread support.
We call that ‘protecting business data by default'. When we make that happen, the bosses are happy to allow everyone to give their best, safe in the knowledge that they can be trusted to be ‘left to their own devices'
Lock up your data. Siccura can tell you how. We have nothing to hide but your data.