How often do you use your mobile phone instead of a computer for things like checking email? Accessing social media? Checking in on your company’s team messaging app?
Increasingly, mobile devices are becoming the “go-to” device and taking over many of the activities that we used to do on our computers.
Pulling out your mobile device while sitting on the couch or when eating lunch in the courtyard at the office is a lot more convenient than going to your desktop computer.
These are great statistics for mobility and show that smaller devices and the apps for them are becoming more powerful. But while mobile productivity technology may have advanced, security is still woefully behind.
Many mobile devices used for business purposes don’t have the basic protections that PCs have. This includes things like monitoring and management to ensure things like updates are being made and devices are protected from external threats.
It’s estimated that 1 in 36 mobile devices currently have high-risk apps installed.
Threats to mobile devices are just as prevalent as those to PCs, and many are one and the same. For example, ransomware can infect any type of device… computer, smartphone, server, or tablet.
Businesses need to begin seeing mobile devices for what they are – work devices that have access to the same sensitive data and business apps as computers. They also need to be included in cybersecurity strategies and protected in the same ways.
What Things Put Mobile Devices at Risk of a Breach?
Public Wi-Fi & Man-in-the-Middle Attacks
Mobile device users often connect them to public Wi-Fi when it’s available. In a survey of U.S. consumers, 87% said they have used public internet services at places like cafés, airports, and hotels.
When you connect directly to public Wi-Fi, your communication is unprotected. Many people don’t think of this and will do things like entering passwords into apps or send sensitive information in a business email.
Cybercriminals will often hang on popular public Wi-Fi hotspots looking for those unencrypted communications and opportunities to breach user data and devices.
It’s important to use precautions when away from a secured Wi-Fi connection. These include:
- Using a VPN application to encrypt your data connection
- Switching off Wi-Fi and using the mobile carrier connection before transmitting or entering any sensitive data
Public USB Charging Stations
Seeing a USB charging station at an airport can be a lifesaver if you’ve been traveling all day and are low on battery power. But those USB ports do more than just charge your phone. USB was developed to be a data connection and it can transmit data in both directions.
Hackers will often do what is called “juice jacking.” This is done by infecting a public USB charging port with malware that will copy a device that’s connected to it and/or infected with malware.
Three ways to protect against juice jacking include:
- Use a “charge only” USB cord that won’t transmit data
- Only charge using the electrical outlet, and avoid USB ports
- Carry cell phone charging batteries with you to recharge
Mobile malware can be hidden in helpful-looking free apps you find online. These apps might even do what they say they will do, but have malicious code hidden inside them.
People often don’t think twice about downloading apps to their phones. They may also leave them on their phone unused and un-updated. This increases the risk of a malware attack through that app.
Ways to help protect against the rise of mobile malware threats include:
- Ensure all mobile devices in your company have mobile antivirus/anti-malware installed
- Teach employees to research apps online before installing them
- Only download apps from official app stores (but still research them online first)
Unprotected & Unmanaged Devices
As we mentioned earlier, many mobile devices are left unmanaged and unprotected. Even companies that have excellent device monitoring for computers will overlook mobile devices, not realizing how much data they can actually access.
It’s important to use an endpoint device manager, such as Intune, which comes with Microsoft 365 Premium. This type of application allows you to easily manage all devices that connect to your business data, even if they are employee-owned.
It enables a common security strategy for mobile devices that includes ongoing patch and update management, monitored backups and anti-malware, and more.
Using this type of application also improves network security because you’re able to use a business rule that will automatically block any devices trying to connect that are not being managed in your system.
Get a Handle on Your Mobile Device Security!
Connect2Geek can help your Treasure Valley area business with an effective, secure, and affordable strategy to reduce the risk of a mobile device-related breach.
Schedule your free consultation to learn more today! Call 208-468-4323 or reach out online.