Mobile devices are a crucial component of every employee’s day-to-day, which means mobile devices are a crucial component of every company. Unfortunately for companies, attackers have taken notice of how mobile devices have proliferated our professional and personal lives and begun targeting them more frequently and with evermore complicated attacks. By using malware, malicious networks, configuration or OS vulnerabilities to gain access to mobile devices, attackers can infiltrate some of the world’s largest enterprises. Attackers have stolen countless troves of confidential user, customer and corporate information.
As a result of cyber breaches and pressure from consumers, governments across the globe are enacting laws that help protect end user’s data and personal information, especially across mobile devices. The goals of these laws are to set guidelines for companies to implement mobile threat defense (MTD) solutions which will protect their end user’s data, devices, and privacy.
And although punishing companies is not the goal, these new laws are coming with hefty fines, business sanctions, and punishments in the event of any violations, not to mention the bad press. Here are just a few examples of data privacy laws across the globe and the potential consequences for companies who are found to be in violation:
- United States – HITECH Act – Maximum penalty of up to 1.5M USD
- European Union – General Data Protection Act (GDPR) – Maximum penalty of up to 20M Euros or 4% of company’s worldwide annual revenue (whichever is higher)
- Germany – Federal Data Protection Act – Maximum fine of up to 300K Euros
- Singapore – Personal Data Protection Act (PDPA) – Maximum fine of up to 1M USD
As you can see, these laws have been designed so that penalties can no longer be considered the “cost of business as usual”, forcing companies to take them seriously. Thus, for companies who have employees (or mobile apps) that operate globally, it is now crucial that they understand these data privacy laws so that they can remain compliant and continue to operate their business. And this will require a new way of thinking about enterprise mobile security, since traditional IT approaches like antivirus and firewalls won’t properly protect companies.
What’s needed is a true Mobile Threat Defense solution that was tailor-made to protect mobile devices, their data, and their users. There are a few crucial capabilities which will empower companies to remain compliant with these global data privacy laws, including:
- Public app which end users download directly from an official app store, as opposed to a private app that might be installed discretely and/or secretly and collect personal employee information without consent.
- Proactive protection with real time monitoring for malware, vulnerabilities, and malicious networks, and automated mitigation action upon detection.
- Global threat intelligence, whereby sensors collect information from across the globe to stay ahead of threats and protect against novel and zero-day exploits.
Knowing and understanding the data privacy laws for the countries you operate in is a crucial new requirement to doing business in a global, mobile world. Though these laws are complex, protecting companies and keeping them in compliance with Skycure’s Mobile Threat Defense solution is not.