Whether your company supports mobile devices for its workers or you operate in a BYOD environment, mobile device security should be at the top of your priority list. According to security experts, the next frontier for cyber terrorists, hackers, hactivists, identity thieves, and other cyber criminals is the mobile device. Some will target the devices, while others will go after vulnerabilities in mobile operating systems and apps. Here are the top concerns the IT department needs to be aware of and take care of immediately.
1. Shadow IT
If you thought Shadow IT was problematic in your desktop environment, you haven’t seen anything yet. Mobile devices are a haven for all sorts of apps, most of which bring with them a host of security vulnerabilities. Some apps are designed to infringe on privacy by stealing and transmitting GPS location or sensitive data stored on the device. Others simply leave doors open that are laughably easy for a savvy hacker to stroll right through.
2. Public Wi-Fi
Users continue to be confused about what is and isn’t a safe Wi-Fi connection. Even a user who would avoid a free, open Wi-Fi hotspot (like a cafe) is willing to connect to paid hotspots at hotels, restaurants, and shopping malls, not realizing that these public connections are just as vulnerable as any free Wi-Fi hotspot. Education can only go so far. IT needs to employ strong security measures to protect devices and users in these situations. Sometimes, public Wi-Fi is simply the only way to get the work done.
3. Traveling Abroad
Many IT departments are struggling with a workforce that travels abroad. Some areas of the world are more dangerous than others. In fact, a few places are so notorious for cyber crime that experts predict a device will be infected within hours of landing there. “Touristy” spots are particularly nasty. If your workforce travels abroad, it’s time to get serious about mobile device security.
4. Mobile Devices Turned DDoS Bots
Intruders breaking into the device is just one issue. Another problem that’s becoming more widespread is hackers who take remote control of a device and then turn it into a mobile DDoS bot. If the device is connected to your network or accessing your systems, you’ve got double problems. Stringent security is necessary to prevent your corporate devices from making the national news for being a proponent of — not just a victim of — a DDoS attack. This is not just the stuff that keeps IT managers up at night; this is a PR nightmare.
5. Hijacked Devices
Hijacking is popular with users who don’t want to be tied down to a contract or to a particular carrier. But hijacking is an open door to numerous threats. BYOD policies should specifically forbid hijacked devices and impose stiff punishment for policy violations.
Want to learn more about what it takes to keep mobile devices secure in the age of hactivism, cyber terrorism, and identity theft? Watch our webinar: How to Predict, Detect and Protect Against Mobile Cyber Attacks.