It never occurred to the CEO that the text which appeared to come from his bank would create an existential threat to his company. Only after the ransomware he inadvertently launched had ravaged the company’s servers and ground business to a halt did the importance of mobile device security become apparent.
Laptops, smartphones and tablets are valuable allies for the growing number of remote workers and frequent travelers. Most organizations have embraced them for their ability to keep workers productive even when disconnected from the business network. But mobile devices also introduce security challenges that data protection tools behind the firewall don’t always address.
There are numerous ways they can introduce vulnerabilities into organizations:
- Mobile devices are easy targets for theft or loss. Sensitive data stored on them is at a higher risk than on an office desktop.
- They can be infected with malware and viruses through malicious apps, downloads, or links. Users aren’t always cautious about installing mobile apps, and IT has limited visibility into their activities.
- Mobile users are vulnerable to phishing attacks from sources they don’t use in the office, such as short messaging services and social media. Small screens make it harder to thoroughly review emails, messages, or website URLs and phones and tablets make it difficult to preview a link to verify its legitimacy.
- Connecting to unsecured Wi-Fi networks in public places can allow cybercriminals to intercept and steal data.
- Mobile operating systems and apps must be regularly updated with patches and upgrades. Leaving these critical tasks up to device owners is risky.
- Apps may request unnecessary permissions or contain vulnerabilities that can be exploited. Since more than 90% of consumers consent to service terms without reading them, attackers can use this tactic to gain privileged access, allowing them to listen in on phone calls, turn cameras, and steal data.
Cybersecurity and data protection software built for corporate networks isn’t designed to address all the variables that mobility creates. Security may be an afterthought for mobile device management suites focused more on tracking and maintenance than data protection. Relying on point solutions from an app store is complex to manage and places too much responsibility in the hands of users.
The best protection is an integrated management and security solution that’s purpose-built for mobile users. Jamf’s comprehensive mobile security suite integrates with cloud identity services to ensure that only trusted users can access company data on enrolled, safe devices. Zero-touch deployment supports central administration of apps, updates and permissions across multiple devices. Jamf’s solution provides a seamless user experience with a single set of credentials secured by multi-factor authentication and self-service provisioning to reduce the burden on IT administrators. Active risk monitoring, malware and phishing detection and dynamically updated user access policies enable rapid response to threats with minimal impact on the business.
Best practices in mobile protection include:
- An equal focus on device and data security. Sensitive data should be isolated and encrypted in a secure virtual vault protected by robust authentication.
- Always encrypting sensitive data before transmission. Split tunneling allows users to connect to a secure remote network while maintaining an unsecured internet connection, providing security without sacrificing convenience.
- Automatic patching and upgrades, with the IT department able to monitor a device’s compliance with security policies at any time.
- GPS-enabled device location when needed to ensure lost and stolen devices can be located quickly .
- Depending on enrollment method, “remote wipe” capabilities to allow administrators to delete data or perform factory resets over the air.
Good mobile security is about preserving the experience people love while enabling robust but nonintrusive IT oversight. A mobile-first security solution is best suited to achieve this balance.
Find out how Jamf can help you better manage and secure your mobile workforce. Read more here.