Have you ever worked from your mobile phone? If you have, you’re in the majority of people. A massive 87% of businesses rely on their employees to use their mobile devices to access company apps and data, according to Syntonic. While mobile phones are great for on-the-go productivity, they’re not as secure as working onsite from a company laptop. If one of your employees loses their mobile device, all the company data on it could also be at risk. And that’s the most basic of threats.
Your business also has to contend with the rise of mobile security threats: malware, phishing emails and mobile vulnerabilities. Stopping your employees from working on their phones isn’t a good idea. For one, even if you tell your people not to work on their phones, they probably still will. Secondly, mobile working is excellent for productivity. The trick, then, is to manage mobile security risks better. Here’s how to do it.
Common mobile security risks
Defeating mobile security risks starts with an awareness and understanding of the threats you face. Below, we look at the most common mobile security risks.
Phishing and SMSishing
Phishing and SMSishing are forms of cyber attack where malicious actors send victims fraudulent emails or text messages. The message will imitate a trusted source, like a colleague, telephone provider, or government.T ypically, the message will contain a link that the victim is instructed to click. This will open a webpage that asks the victim to enter sensitive details, like corporate login information or bank details. While your company spam solution will work on your employees’ laptops, it doesn’t extend to their mobile devices. In this way, employees are more likely to fall for phishing scams on their cell phones. One of the best ways to combat phishing and SMSishing is through awareness. You should train your employees on what common SMSishing and phishing attacks look like, so they can spot them in real-time. If you’d like assistance with running security training, let us know. We can assist.
Malicious applications masquerade as legitimate, trusted apps, but they actually steal sensitive information or launch malware on the victim’s device. There are around 24,000 malicious mobile apps blocked from official app stores every day, but some still slip through the cracks! If your employee downloads a malicious app, this could easily cause a data breach or ransomware infection in your company. To prevent malicious application usage, you may want to consider a mobile device management solution. This allows you to control what applications your employees download and interact with. As well as this, training users on what malicious applications look like can help with prevention.
Man in the middle attacks
Many employees choose to work from coffee shops or libraries when they’re not in the office. The problem with this is the risk of malicious WiFi networks. Hackers are known to spoof legitimate WiFi networks in order to intercept sensitive data. This is what’s known as a man in the middle attack. Again, MDM can be a big help. It enables you to control the WiFi networks your employees connect to. You can block them from connecting to unknown or suspicious WiFi spots. Another option to consider is deploying a workplace VPN and making it so that your employees can only use certain, work-related applications when they are connected to the VPN. As background, a VPN works by creating a protected tunnel between your employee’s device and the corporate network, so traffic can’t be intercepted or seen by anyone else.
Lack of patching
All mobile phone manufacturers and application providers regularly release updates for their devices and applications. As well as improving functionality, these updates contain critical security updates. Unfortunately, many of us are sloppy about installing updates. Who hasn’t clicked the ‘remind me later’ button? While it’s easy to do, forgetting these updates can have wide-ranging security implications. We advise creating policies around application and mobile phone updates, which will help your users understand the importance of patching.
Device loss or theft
As mentioned at the start of this article, an employee losing their device – or it being stolen – could spell big trouble. If the device gets into the wrong hands, a hacker could potentially be able to access vast troves of company data. One of the most straightforward ways to protect against this is to mandate that your employees use password protection on their phones. Plus, they should bolster security for critical workplace applications by using multi-factor authentication.
Get Help Improving Mobile Device Security
Copperband Technologies can help your southern Kentucky or Middle Tennessee business with mobile phone solutions designed to boost productivity and security, as well as save you money. Contact us today to schedule a consultation! Call 931.263.8000 or email us.