TOLL FREE 888-808-6111
Now that mobile devices are ubiquitous across the enterprise, it’s no surprise that they - and the cloud-based apps on them - have become common targets for cyberattacks.
Multiple in-depth reports on enterprise mobile security - issued in recent years by major cybersecurity vendors including McAfee and Lookout - have sounded the alarm about the growth of advanced threats such as sophisticated malware, as well as the exploitable vulnerabilities present in many mobile applications and wireless networks.
Beyond these types of malicious attacks, enterprises are also at risk from end-user errors, authentication issues and technical misconfigurations, any of which can precipitate a costly data breach. A multilayered approach that encompasses not only antivirus software, but also includes measures such as single sign-on (SSO), multi-factor authentication (MFA) and robust network and endpoint security, is essential.
For example, McAfee’s first-quarter 2019 report chronicled the rise of complex mobile threats such as backdoor malware attacks. One such threat, called TimpDoor, was capable of running as a background service on Android devices and sending users SMS messages containing links to compromised apps available outside the official Google Play Store.
A TimpDoor-infected phone or tablet could serve as a potential entry point into an internal corporate network, illustrating the importance of endpoint security in preventing breaches. The consequences of any such infiltration can be significant, and numerous enterprises have already felt them. An IDG Research Services survey sponsored by Lookout found that three-fourths of respondents had suffered a breach as a result of a mobile device security issue.
It’s not always advanced malware that’s the culprit, either. Other common challenges include:
Something as simple as moving a file on a phone into a public cloud service can accidentally leak sensitive data, due to inadequate access controls (e.g., weak passwords, misconfigured servers, etc). A Beazley report found that such “accidental disclosure” was a much more common cause of data breaches than malware. Lost and stolen devices are another major concern.
Mobile devices rely heavily on Wi-Fi, which opens them up to man-in-the-middle attacks and network spoofing. Public Wi-Fi in particular is problematic, but any Wi-Fi network can potentially lack the all-important encryption needed for protecting activity. Using a VPN is essential in this context.
Old or obsolete applications are major risks to enterprise mobile security, as they may contain known exploits that will never be fixed. Apps downloaded from third-party stores are even more dangerous since they might not have undergone any vulnerability scanning.
A FireEye report found that most cyberattacks begin with email. A common way this happens is for someone to receive an official-looking email on their mobile device, click the link in it and have their device become infected. This infection could then spread across the network.
As we can see, there are numerous mobile security threats to account for, from vulnerable cloud apps to risky emails. Any defense against them must be multilayered. Common components of an enterprise mobile security strategy include:
Sometimes also referred to by the older name of mobile device management, this involves the secure oversight and control of all devices within the organization from a common interface. A solution in this space may harness threat intelligence and AI to stop a variety of attacks, while also generating in-depth reports and integrating with other business applications.
IAM solutions control who can access certain resources, and how they do so. It may encompass specific measures such as SSO and MFA. The latter requires more than one credential when logging into a service. One-time codes, additional devices and biometrics are all common implementations of MFA. For SSO, the same set of rigorous credentials can provide secure access to multiple services, eliminating the hassle and risk of creating passwords for each one.
Many if not most apps on mobile devices connect to hosted and cloud-based services. Managing these connections and the data involved can be challenging, but it’s easier with the help of a trusted partner. Telesystem can help with solutions hosted in our secure, geographically redundant data centers. We also provide protection from DDoS attacks and can guide you through an SD-WAN implementation for a more secure network.
Formal security solutions can only stop so much. Certain issues such as password hygiene, phishing attempts and device loss or theft require direct preventative action from users. Regular training is the best way to keep workers up to date on security best practices and on how to use specific tools such as VPNs while on the go or MFA while in the office.
Endpoint security and network security go hand in hand. Without a secure network, endpoint infections are more likely. View our full guide on network security for a closer look at everything from firewalls to DDoS mitigation.
Telesystem is committed to making it easier for you to run a high-performing and secure business. To that end, our solutions portfolio includes everything from secure data centers to hosted VoIP systems. Learn more by contacting a member of our team today.