Malware Isn’t the Biggest Threat Facing Mobile Device Users
With more employees working remotely, ensuring security of mobile computing has become increasingly important. Verizon’s 2020 Mobile Security Index reported that well over one third—39 percent—of businesses had a security incident tied to a mobile device. Many of those businesses said the incident was serious and difficult to recover from.
Although we often focus on malware when it comes to data security, in the mobile context malware isn’t a leading cause. Businesses should concentrate on these more significant mobile threats instead:
1. Data leakage.
Because working on mobile devices can make it difficult to access or share data easily, users often use cloud storage. Unfortunately, using unapproved cloud storage can leave data unprotected and vulnerable to loss.
2. Phishing and social engineering.
Users continue to be the weak link when it comes to information security. Phishing emails and dangerous links can be harder to detect given the small size of screens on mobile devices. In addition, users can be exposed to phishing and social engineering attacks through text messages and mobile apps as well as email.
3. Insecure networks.
Users typically prefer mobile devices to connect via Wi-Fi rather than use cellular data. This leaves devices vulnerable to being infiltrated with malware or man-in-the-middle attacks. Because users pick the network to connect to based on its name, and there are no controls over how networks are named, even users who want to connect to an official network can accidentally connect to a dangerous one.
4. Unpatched devices.
Consider this: IT security teams know the importance of applying security patches, but most businesses admit patches don’t get installed on a timely basis. Do you think your non-technical employees are installing all the latest mobile operating system updates as soon as they’re released? Many devices continue to use out-of-date versions that have known vulnerabilities.
5. Unprotected devices.
Mobile devices are lost with disappointing frequency. When a mobile device isn’t password-protected and doesn’t have encryption enabled, anyone who finds the device has access to any corporate data stored on the device. Because users’ passwords are often easy to break or guess, someone who picks up the device may be able to gain access to corporate systems, as well.
Even though malware isn’t a leading mobile threat, businesses should still take steps to protect against it, as well. Mobile devices are vulnerable to malware hidden in ads or in apps. Even apps downloaded from official app stores are occasionally found to contain malware.
Prescient Solutions’ mobile support services help businesses define their mobility strategy and provide users with the support and guidance to access mobile computing easily and safely. Contact us to learn more about security for mobile device users.