Mobile phones offer us unprecedented convenience, giving us the ability to work and access important corporate data and systems while on the move. The technology has revolutionized the world of work and as smartphones with enterprise-focused features, like the Galaxy Note8 and Galaxy S9 Enterprise Editions, become more prevalent, how and where we work will change forever.
All this convenience can also bring a new set of risks. Increasing the number of mobile devices accessing a corporate network means more potential vulnerabilities for your IT staff to manage and protect.
Companies need to educate their employees about the importance of keeping their mobile devices safe. A key part of this is regularly installing security updates on both employee-owned and corporate-owned devices, providing constant coverage and extended business continuity for the enterprise.
In the continuing game of cat-and-mouse between the security industry and cybercriminals, techniques are constantly evolving. As security companies, device manufacturers and technology companies scramble to deal with the latest threat affecting smartphones, someone is out there already working on their next piece of malware.
We have seen recently how ransomware has become a trend among threat actors seeking to monetize their online activity. Even as desktop versions evolve, hackers are now focusing on ransomware designed specifically for smartphones.
Just as enterprises are seeking to leverage the power of mobile devices to boost productivity and efficiency within their workforces, cybercriminals are seeking to focus their increasing attention more on the flaws in software networks.
What Can Be Done?
A major piece of any security plan is education, ensuring that end-users are aware of the type of threats out there and which information can be compromised.
Part of that education is ensuring that security updates or security patches are regularly applied in a timely fashion. Reducing the attack surface and by closing off as many of the vulnerabilities as possible is key to preventing someone from accessing data. This type of software support is something to be considered when evaluating different smartphone device options.
Google issues security patches for its Android operating system on a monthly basis, ensuring that any new vulnerabilities in the platform are addressed. The security updates won’t give users any additional functionality, but in the background they are working to ensure your phone — as well as the networks it connects to — are protected.
However, while Android pushes out these updates monthly, not all manufacturers provide these to their customers on such a regular basis. This is because each manufacturer of Android devices makes modifications to the standard OS that runs on their devices.
What is Samsung’s Approach?
Samsung has invested heavily in enhancing the security of its Android smartphones and tablets through the Knox platform and solutions. It also provides monthly security updates that include both Android’s latest patches, as well as additional security updates specific to Samsung devices. Information on the latest updates is available here.
The other important point of differentiation is security support for older devices. Some manufacturers may curtail security updates for devices after just 24 months. For enterprises who often acquire devices a year after their initial market availability, this effectively reduces the secure life of the device to just 12 months.
With Samsung’s Enterprise Edition smartphones, it is committing to continuing to support monthly security updates for at least three years from general availability, ensuring that business customers can extend their investment while still being assured that devices are protected.
Additionally, Samsung’s E-FOTA tool can help IT managers set these software updates at specific times, or even force them. This way employees don’t miss them and they don’t have to occur during peak business hours.
How to Check the Security Patch Level
On Android smartphones, your employees can be proactive and check the status of their security updates in the “Settings” menu “About Phone” section. Here, they can select Android Patch Security Level and see the most recent applied phone update.
On Samsung devices, you will see additional information on Security Enhancements for Android and the version of Samsung Knox on the device.
By educating employees about this feature, ITDMs can develop a security plan that gets the end-user involved, but is also supported by a multi-layered enterprise management system that keeps smartphones and tablets consistently up to date — deterring potential cyberattacks and keeping corporate data safe.
Are unpatched security vulnerabilities worth the risk? A recent report shows just how much known vulnerabilities can cost your business.