Security risks involving mobile devices are a real worry for businesses. Among respondents to a recent mobile security risk survey polled by iPass, 93 percent of organizations reported concerns over mobile security challenges. Of these, 47 percent stated that they were very concerned, up from 36 percent in 2016. In order to decrease your mobile security risk and reap the full advantages of mobile technology in the workplace, it’s important to understand the threats and take appropriate precautions.
Securing the C-Suite
Concerns over mobile security cut right across the enterprise, although those at the top are seen as exhibiting the riskiest behavior. In total, 40 percent of respondents pointed at the C-suite, including the CEO, as presenting the greatest security risk. According to iPass, among the reasons for this are the privileged access that executives are given to highly sensitive and valuable corporate data, their need to travel regularly for business and their tendency to use multiple mobile devices.
But this is not the only reason for the increased mobile security risk that organizations are experiencing. Employees across organizations are increasingly mobile, and the use of unsecure public Wi-Fi hotspots is becoming more and more popular due to the convenience they offer. According to the survey, coffee shops are the most popular locations for connecting to public Wi-Fi, followed by airports and hotels.
The Issue With Wi-Fi Hotspots
Due to the risks of such behavior, a full 68 percent of organizations state that they currently ban the use of public Wi-Fi, although some do allow limited use in certain circumstances. Many realize that totally banning the use of public Wi-Fi hotspots could be a drain on productivity and morale among employees who wish to remain connected at all times, especially because many devices are Wi-Fi only. Faced with a ban, many would likely flout it, causing organizations to only think they’re reducing their mobile security risks.
Among the greatest risks seen are man-in-the middle attacks, lack of encryption, unpatched operating systems and hotspot spoofing. Yet, these needs won’t be an issue if good security precautions are taken. With the right security controls in place, organizations can benefit from the flexibility that mobile technology allows, while ensuring that they’re not placing themselves at a higher than acceptable level of risk.
Steps to Decrease Mobile Security Risk
The use of secure mobility platforms, such as Samsung Knox, in combination with a mobile VPN provides the ability to encrypt data so that it’s protected even over unsecure Wi-Fi. The platform also provides the ability to store corporate and personal data in separate containers so that they’re isolated and data in the corporate container is encrypted. There are many other advantages to using Knox due to the defense-grade security built into the platform throughout the hardware and software layers. Even in BYOD programs, organizations can create a policy that allows the use of only secure mobile devices, banning the use of older models in particular.
Another recommendation is to use two-factor authentication for more secure transactions, especially those that are sensitive. This could be particularly useful for reducing the risk from executives who are likely to be performing transactions with a higher level of sensitivity and criticality. With two-step authentication, a one-time password can be sent to their mobile devices, and because it’s only good for one use, the user is assured the code won’t be hijacked. Another approach is to leverage biometrics.
No organizations can, or would wish to, prevent the use of mobile devices, despite the security risks associated with them. However, these risks can be handled with just a few precautions that will not fetter the mobile workforce.
Are unpatched security vulnerabilities worth the risk? A recent report shows just how much known vulnerabilities can cost your business.