The increased use of mobile technology in business, combined with the Bring Your Own Device (BYOD) trend, means that businesses can’t neglect mobile device security. There are many sources of risk to information security that come with the use of cellphones, tablets, and other mobile devices.
Top Mobile Device Information Security Risks
- Unsafe apps. Although the mobile phone vendors try to ensure app security through requiring apps to be signed to be downloaded from the official app stores, misuse of certificates means that even apps downloaded from vendor stores or enterprise sites aren’t guaranteed to be free from malware. Even legitimate apps often request more permission than needed to perform their function, which can expose more data than necessary.
- Unsafe operating systems. Large numbers of mobile devices are not kept up to date with operating system releases. Out of date operating systems mean devices are vulnerable to security threats that are patched in the later versions.
- Unsafe devices. When users jailbreak or root devices, they work around the built-in restrictions of the device. While users feel that jailbreaking gives them freedom and more access to the device’s capabilities, jailbreaking also eliminates many controls that provide security.
- Unsafe connections. Users often rely on public Wi-Fi to stay connected when they work outside the office. These unsecured Wi-Fi networks can allow malware to be installed on devices or eavesdroppers to intercept data.
- Lost devices. Portable devices are easily lost or stolen. When an employee loses physical control of their mobile device, they also lose control of the data on that device. If the device isn’t appropriately protected with passwords and encryption, any data on that device may be exposed.
- Uncontrollable users. No matter how well you publicize your safe mobile computing policies, there will be employees who find them too inconvenient to follow. Organizations need tools to enforce policies rather than relying on employees’ good will.
- Lack of monitoring. The large number of mobile devices used in an organization makes monitoring and managing them difficult. It isn’t easy to understand the status of all mobile devices, users, and applications at a glance.
- Variety of devices. There’s no single standard for mobile devices, especially when you allow BYOD rather than supplying the devices. Because of the variety of devices and operating systems, it’s difficult to apply controls consistently to ensure the safety of all of them.
Managing Mobile Device Information Security Risks
The importance of providing employees with remote access and the ability to work from anywhere means that organizations need to implement tools that increase the security of mobile devices.
This can mean implementing multi-factor authentication and using tools like mobile device management (MDM) software that allow organizations to place restrictions and limitations on the devices that connect to corporate networks. Traditional network security controls such as firewalls are also important for managing the traffic of mobile devices.
The IT consulting services and managed services teams at Prescient Solutions provide complete mobility services to organizations in the Chicago and Schaumburg areas. Our experts manage provisioning, provide help desk support, and implement MDM and other tools to ensure employees using mobile devices can work safely as well as productively. Contact us to learn more about our mobile services.