3 Steps on the Path to Mobile Security
It really is the Wild West out there — as more device manufacturers pop off new smartphones and tablets, and as everyone and their brother creates new mobile apps, the number of mobile devices and apps are skyrocketing. There are around 2.5 billion smartphones users globally and almost 200 billion mobile app downloads per year. Smart cyber criminals are increasingly targeting enterprise mobile devices and apps to make money and cause trouble. Mobile devices are soft targets — they operate outside of the walls of the office and use public communications networks to conduct their business. Amazingly, 20% of companies believe that their company has already experienced a mobile security breach, while 24% don’t know if they have or haven’t been breached.
How bad is it? Pretty bad and getting worse. Total mobile malware grew 46% over the last four quarters driving global mobile infection rates over 10%. Think about that — one out of every ten mobile users were impacted by malware in 2017. If that isn’t scary enough, some Android devices even come with a virus pre-installed, how convenient.
Mobile ransomware is one of the fastest growing categories of malware, increasing by a factor of 3.5 between late 2016 and early 2017. When you factor in the scale and vulnerability of the Internet of Things, you get a grim picture of the future. Tens of billions of devices and endpoints with little or no security. There are no “silver bullets” in regards to mobile security, but there are some straightforward steps you can take to make things better.
Create a Corporate Mobility Policy
A corporate mobility policy will establish guidelines around the assignment and use of mobile devices and apps within your company. It will answer important questions such as, who within the company should get what type of mobile device (Laptop, Tablet or Smartphone)? What apps do workers need or are allowed to install on their own? Who gets access to what documents and files and from where can they access them? Does your company allow or promote bring-your-own-devices (BYOD) and apps? If so, how are they secured to prevent data leakage?
The best corporate mobility policy is simply to have one. Once something is in place, it is easy to grow it and change it as your company evolves and mobile workers figure out new ways to mess things up.
Use EMM to Enforce Full Lifecycle Mobile Security
Once you have created a corporate mobility policy and educated your workers, it is a good idea to deploy an enterprise mobility management (EMM) solution to enforce it. An EMM solution such as SOTI MobiControl brings your corporate mobility policy to life. It controls device security, manages who gets what apps and content, and fixes device problems remotely. However, you need full lifecycle effort; from initial device onboarding and protection, through monitoring and controlling the device during every day use, to its eventual retirement. Your enterprise mobile security is only as strong as its weakest link.
Follow EMM Best Practices to Prevent / Mitigate Security Threats
For each phase of the mobility lifecycle, SOTI recommends a set of best practices that will prevent and/or mitigate most mobile security threats. It is important to keep abreast of current mobile security trends and threats, but that is not hard as it is one of the most covered topics on the interwebz. Some powerful tips and tricks include:
- Enforce multi-factor authentication for device enrollment, certificate-based authentication for access to corporate WiFi and mandate VPNs to prevent hackers from gaining access corporate resources.
- Use real-time location services (RTLS), such as geofences and location tracking, to minimize the impact, and improve the chances of recovery, of lost or stolen devices.
- Deploy a secure EMM browser to block untrusted sites and minimize man-in-the-middle (MitM) and phishing/social engineering attacks.
- Use an antivirus solution built into, or integrated with, an EMM solution to prevent malware in files and apps from being downloaded/installed on the device.
- Deploy a secure EMM document manager, and enforce complex passwords, encryption, and separation of personal and work data, to prevent data leakage of sensitive/confidential content within corporate apps.