Companies are beginning to rely more heavily on mobile devices and applications to drive employee productivity no matter where they are and to keep business moving forward. If employees work in the field or from home and are not issued company-owned mobile devices, chances are they using their personal smartphone or tablet to access work email, calendar, and business sensitive data. As more organizations continue to let employees bring their own mobile devices (BYOD) and use them at work, this creates real concerns for CIOs.
Smartphones have become a major computing platform. According to Visiongain, by 2016, almost every employee will have a smartphone that supports e-mail, can access the Internet and install a variety of applications. With employees using their devices to access password protected corporate networks, download unauthorized apps, and access unencrypted Wi-Fi network, these devices have huge security implications for businesses, large and small.
Rising Security Threats
Mobile security threats are heating up. Just like their predecessors, desktop and laptop computers, smartphones and tablets have become vulnerable to cyber security attacks. Mobile threats come in many forms, including smishing (SMS Phishing), data breach, viruses, and malware. Businesses are at risk when employees try to access non-secure, rogue apps that conceal malware that can steal confidential information. Cyber criminals also target smartphone users by smishing, a mobile phone security attack though which users are sent text messages with a link from what appears to be a reputable source. They are hoping users will click on the link and download a Trojan horse, virus or other malware onto their phones in order to steal their information.
Fragmented OS Landscape
The mobile OS landscape is fragmented and the level of security varies by device manufacturer. As a result, there are management and control gaps that need to be address by IT departments. We are seeing progress in securing and managing mobile devices with safer OS, hardware, and applications. However, as new devices are launched, attackers continue to adopt more sophisticated techniques to infiltrate these devices. Despite the risks, mobile devices are here to stay. They have become an important part of companies’ business processes.
Ensuring Maximum Mobile Protection
CIOs are responsible for protecting business sensitive data (i.e. customer and financial information) and intellectual property that are disseminated and accessed electronically. They must also comply with regulatory mandates and guidelines for securing mobile devices in the enterprise. The BYOD phenomenon adds an extra layer of complexity as far as data segregation and filtering are concerned. The best line of defense is for companies to employ a comprehensive and holistic mobile security lifecycle management strategy that supports varied mobile operating systems and secures their enterprise networks and mobile assets (both company-issued and personally-owned) without robbing users of the convenience that they expect from a mobile work option.
Check out this video and get tips from Dr. Ed Amoroso, AT&T Chief Security Officer on rolling out a mobile security platform: