Challenges Of Keeping An Eye On Mobile Security

The increased prevalence of mobile devices and apps with lax security makes them hackers’ targets. Find out how to keep an eye on mobile security.

Challenges Of Keeping An Eye On Mobile Security

According to The Business Journals, 77 per cent of SME owners see mobile services and applications as critical to their business operations. Mobile applications help enterprise owners and managers oversee their businesses from anywhere. With the help of applications, they can answer customer queries, push marketing materials, and track employee performance, even when they are not in the office. But, the unregulated use of mobile devices and applications in businesses comes with risks — data loss, identity theft, ransomware and more.

According to Verizon, 93 per cent of businesses consider mobile devices a serious and growing threat. However, only 14 per cent report having implemented basic cybersecurity practices, such as password management and authentication. And checking rogue use of mobile devices and applications with preventive technologies and best practices comes as a top priority when drawing out mobile security road maps.

The increased use of mobile technology in business, combined with the Bring Your Own Device (BYOD) trend, means that businesses can’t neglect mobile device security. There are many sources of risk to information security that come with the use of cellphones, tablets and other mobile devices.

  • Common mistakes turn out to be a threat to data

62 per cent of organisations believe that they lack an understanding of mobile security threats and solutions. It is because the mobile security landscape, including mobile-specific malware, adware and ransomware is constantly evolving. Also, different operating systems get affected by these threats differently, and the rectification of the bugs.

Leading companies faced around 28 per cent of experiencing a data breach during the pandemic. And data leakage is often a result of the user’s indiscretion as opposed to malware attacks. In major cases, the user is responsible for giving certain applications access to their personal information and the connected corporate data in their devices.

  • How safe is the public Wi-Fi

Do you use public Wi-Fi at the airport, cafe or restaurant? Most of us do, right?

60 per cent of employees check their work email on smart devices and in multiple cases, they access their business data or personal data on public Wi-Fi. The increasing use of mobile devices for business might end up giving a straight roadmap to hackers. Also, poor security practices like reusing passwords or using no passwords make it more vulnerable.

According to research done by IBM, corporate mobile devices use Wi-Fi almost three times as much as they use cellular data. Out of 33 per cent of devices that have connected to open Wi-Fi networks, nearly 5 per cent of them have experienced man-in-the-middle attacks means a form of manual attack when a person intercepts the communication between two or more parties. This can make your emails, messenger conversations and even your SMS conversations wide open to cybercriminals.

Also Read: Top 10 Endpoint Security Providers

  • Social Engineering Attacks

Kevin Mitnick, consultant and head of Mitnick Security and a renowned author, coined the term ‘Social Engineering’ in the early ’90s. It is the art of exploiting human psychology rather than technical hacking techniques. It is used to gain access to buildings, systems and/or data. For instance, instead of trying to find a software vulnerability, a social engineer might call an employee and pose as an IT support person, and try to trick the employee into divulging his password.

Smishing attacks are also a form of social engineering attack whereby hackers use phone text messages to trick victims into clicking on malicious web links or downloading harmful applications.

According to a report, 12 per cent of all mobile security incidents involved phishing URLs and 81 per cent of the phishing attacks on mobile took place outside the email.

  • Crypto Jacking attacks

Crypto Jacking is a type of attack where someone uses a device to mine for cryptocurrency without the owner’s knowledge.

According to Kaspersky, “Crypto mining trojans are ravaging the Internet”. Miners are special types of malicious programmes which are designed to secretly use a computer’s resources to mine cryptocurrency. And guess what? Hackers can siphon around 80 per cent of a computer’s power and use them to mine cryptocurrency.

Having a mobile security strategy is similarly important as building a mobile security technology stack. If you are providing your employees remote access to their personal devices plus the ability to work from anywhere, you should implement tools that increase the security of mobile devices. You can introduce mobile device management software (MDMS) which allows organisations to place restrictions and limitations on the devices that connect with corporate IDs and networks.

Originally published on: Datatechvibe