Why can’t we put off smart device security any longer?
There were years when it was possible for enterprises not to worry about the security of mobile devices in the enterprise.
Today, as the world of work adopts smart and flexible approaches such as smart working and remote working, mobile devices are the weakest link in the corporate data security chain.
An estimated 80 percent of companies have now adopted the BYOD (bring your own device) policy, but few of these have implemented even a Mobile Device Management policy.
BYOD increases efficiency by giving employees more freedom and eliminating the burden of dual telephones, but at the same time provides for people to connect with everyday, private use devices to corporate resources.
Smartphones and tablets give us quick access to critical business information so we can work quickly, but while, for years, we have been talking about the importance of good virus and malware protection with regard to our computers, too little has been heard about how to secure the smartphones and IoT devices with which we access business resources.
What are the real risks?
- Data Leakage: the unauthorized transmission of data
- Theft of usernames and passwords, theft of money and credentials of credit cards and bank accounts
- Adding aliases to critical and confidential accounts
- Sale of personal information to third parties
- “Network spoofing” i.e., Wi-Fi that is only seemingly secure, often in busy places such as airports with misleading names like “Free Airport Wi-Fi.” In these cases, usernames and passwords are requested, which, being often used in multiple accounts, allow hackers to compromise e-mail, e-commerce access, and more
How to protect the company’s mobile devices?
FUNDAMENT
A good mobile device protection strategy must start from a solid foundation.
Thus, point 0 on the path to comprehensive security is the “traditional” cybersecurity we have come to know.
Only once the basics of cybersecurity (on premise or managed) are solidified do we start talking about mobile security and – even more so – mobile threat prevention!
PREVENTION
Identify threats using algorithms on the device, on the network, and in the cloud that trigger automatic defense responses that keep mobile devices and the data on them protected.
PROTECTION
1. Network Analysis
To better protect corporate data, we think about extending network security capabilities to mobile devices.
What is meant by network protection in mobile optics?
With advanced protection systems, smartphone traffic can be controlled without passing data through a corporate gateway, ensuring data privacy and smooth browsing. Protection from phishing, for example, is now essential to avoid attacks from many apps: e-mail, messaging, and social.
A defense that includes network Wi-Fi also detects malicious behavior on a network and prevents from man-in-the-middle attacks, with the ability to automatically disable the connection deemed dangerous.
2. App
Every one of us on our smartphones has, at least once, installed an app of which we were not 100% sure … to “try it out” without thinking about the potentially disastrous consequences this could cause.
With mobile security systems, threats can be detected with source code emulation and analysis systems that are activated upon download and installed in virtual cloud environments, analyzing its behavior before it is actually installed.
3. Device
Weaknesses in operating systems (both Android and IOS) are among the most notorious vulnerabilities exposed to cyber attacks. The large number of flaws that are constantly found in systems, and for which a patch is released as soon as possible, is proof of this.
Therefore, a mobile security system capable of protecting enterprise mobile devices must be able to trigger real-time risk assessment systems to reduce opportunities for external attack.
BONUS TIP!
Passwords are our most valuable allies in daily life!
Set different passwords for your services, use device PIN (even better, if available, device unlock with fingerprint and Face ID).
And remember to be wary of open networks, no one likes to waste their data when they have a network at their disposal, although often in restaurants and hotels they are protected and managed by firewalls, in public places it happens to run into unmanaged or configured networks in which many threats can hide!
A possible solution?
SOPHOS INTERCEPT X FOR MOBILE
With its market-leading Deep Learning engine, Intercept X for Mobile protects users, their devices, and corporate data against known and never-before-seen threats targeting mobile devices. Everything is managed transparently with Sophos Central, along with the full range of solutions.
MAIN FEATURES
- Protection for Android, iOS and Chrome OS devices
- Deployment using Sophos Mobile or an alternative Unified Endpoint Management (UEM) product
- Deep Learning from Intercept X on Android
- 360-degree Man-in-theMiddle (MitM) threat detection
- Mobile Threat Defense award-winning
- Conditional access to Microsoft Intune
- Available from Apple App Store and Google Play Store
Share