Almost all employees regularly use a smartphone to access company data. Suffice to say that the stakes are higher than ever. Security of mobile is one of the main concerns of today’s companies. The corporate data breach average cost is $3.86 million. This follows from a report by the Ponemon Institute in 2018. This is 6.4% more than the estimated cost of one year. While it is easy to concentrate on the problem of sensational malware, the truth is that malware infections for mobile devices are extremely rare in the real world. According to one estimate, their probability of being infected is significantly less than the probability of being struck by lightning. This is due both to the nature of mobile malware and to the protection built into modern mobile operating systems.
The most realistic security risks for mobile devices exist in some areas that are easily overlooked, and all should become more urgent next year:
Loss of data
According to a recent study by Ponemon, companies have at least a 28% chance of getting a violation of estimated data of at least 28% probability. This may sound like the diagnosis of a robot urologist, but data leaks are considered one of the most worrisome threats to business security in 2019.
What is particularly disturbing on the subject is that it is often not harmful by nature. Rather, they are users who, without realizing it, make imprudent decisions about which applications can see and transmit their information.
“The main challenge is to implement an application validation process that does not overwhelm the administrator and does not bother users,” said Dionisio Zumerle, Director of Mobile Security Research at Gartner. It is recommended to use Mobile Threat Defense (MTD) solutions such as Symantec Endpoint Protection Mobile, Checkpoint Sandblast Mobile, and imperium ZIPS Protection. According to Zumerle, these utilities analyze the applications to determine their “past behavior” and automate the blocking of problematic processes.
Of course, the leak does not always cover the result of an obvious error of the user. It involves transferring business files to a public cloud storage service, inserting confidential information in the wrong place or inadvertently transferring data to a user. Container, this is a challenge that is currently difficult for the health industry to overcome: “accidental disclosure” was the main cause of the data breach reported by health organizations in the third quarter of 2018, according to Beazley. Almost half of the violations reported during this period.
Data loss prevention tools (DLP) can be the most effective way to protect against this type of leak. This software is designed specifically to avoid the disclosure of confidential information in unforeseen situations.
Wi-Fi interference
A mobile device is as secure as the network through which it transmits data. At a time when we are constantly connecting to public wireless networks, this means that our information is often not as secure as we suspect it is.
How important is this concern? According to a study by security firm Wandera, mobile enterprise devices use WLAN almost three times more than mobile data. Nearly one-quarter of devices were connected to open and potentially unsafe Wi-Fi networks and four percent of devices experienced an intermediate attack where a person maliciously intercepts two devices. Parties last month McAfee goes on to explain that network counterfeiting has increased “dramatically” in recent times, but that less than half of people worry about the security of their connections while traveling and using public networks.
“It’s not hard to encrypt the traffic today,” says Kevin Du, a computer science professor at Syracuse University, specializing in smartphone security. “If you do not have a VPN, leave a lot of open doors on your perimeter.”
However, choosing the right corporate VPN is not that easy. As with most security aspects, compensation is almost always necessary. “VPN provision should be smarter for mobile devices because it is very important to minimize the consumption of resources, especially battery,” says Gartner’s Zumerle. An effective VPN should only be activated when absolutely necessary, he said, rather than when a user accesses something like a news site or works in an application deemed secure.
Expired equipment
The smallest smartphones, tablets and connected devices, commonly referred to as the Internet of Things (IoT), represent a new threat to business security because, unlike traditional workgroups, they are generally not backed by software updates promptly and continuously. This is particularly true for Android, where the vast majority of vendors are scrupulously inefficient in keeping their products up to date with operating system updates and the smallest monthly security patches between them, as well as IOT devices. Many of them are not even designed to receive updates.
“Many of them do not even have an integrated patch mechanism, and it’s becoming more of a threat,” Du says.According to Ponemon, the increasing use of mobile platforms increases the overall cost of a data breach, said Ponemon, and a large number of work-related IOT products only increase that number. According to cybersecurity firm Raytheon, the Internet of Things is an “open door” that funded a survey that found that 82% of IT professionals predicted that unsecured IOT devices could cause data breaches of their data, computers business; it is potentially “catastrophic”.
Once again, strong policy is far away. There are Android devices that receive constant, fast and reliable updates. Until the IoT landscape becomes less savage, a company must create its own safety net around it.
Social engineering
The tactic of disappointment experienced is as worrying on the moving front as on the desks. Despite the ease with which one might think that the disadvantages of social engineering could be avoided, they remain surprisingly effective.
According to a report published in 2018 by the security company FireEye, 91% of cybercrime begins with e-mail. The company identifies these incidents as “malware-free attacks” because they rely on tactics such as impersonation to force users to click on dangerous links or to provide confidential information. The company claims that phishing has increased by 65% in 2017 and that mobile users are at greater risk because of the way many email clients work for mobile devices. They only show the name of the sender, which greatly facilitates the creation of forging. The messages and tricks of a person to think that, an email comes from a person whom she knows or whom she trusts.
According to an IBM study, users respond to phishing attacks three times more often on a mobile device than on a desktop computer. This is partly because most people see a message on a phone for the first time. According to the Verizon 2018 data breach investigation report, only four percent of users click on phishing links, these gullible people tend to be recidivists: the company notes that more someone has by clicking on the link of a phishing campaign, it is more likely to happen again in the future. Verizon has previously reported that 15% of phishing users would phish at least once in the same year.
“We’re seeing an overall increase in mobile device vulnerability, driven by the growth of mobile computing in general and the continued growth of BYOD work environments,” says John “Lex” Robinson, PhishMes Information Security and Anti -Phishing. Strategist, a company that uses real-world simulations to educate employees about detecting and responding to phishing scams.
Robinson points out that the line between a computer at work and personal computing remains unclear. According to him, more and more employees are seeing several inboxes linked to a combination of business and personal accounts on a smartphone, and almost everyone is doing personal business online during the workday. Therefore, the idea of receiving a seemingly personal e-mail with work-related messages does not seem superficially superficial, although in reality, it may be a joke.
Crypto jacking attacks
Crypto jacking is a relatively new addition to the list of relevant mobile threats. Crypto jacking is a type of attack in which a person uses a device to extract the cryptocurrency without the knowledge of its owner. If all of this sounds like a lot of technical problems, you need to know the following: The encryption process uses your company’s devices for the benefit of another person. The company is highly dependent on its technology. This means that the affected phones probably have a short battery and may even be damaged by overheating of the components.
Although computer encryption started at the office, the number of mobile devices suddenly increased from late 2017 to early 2018. Unwanted cryptography accounted for one-third of all attacks in the first half of 2018, according to a Skybox Security analysis with an increase 70% of its notoriety during this period compared to the previous semester. Mobile-specific crypto-hacking attacks exploded between October and November 2017, when the number of affected mobile devices increased by 287 percent, according to a Wandera report.
Since then, things have cooled a little, especially in the mobile space, largely supported by the ban on cryptocurrency extraction applications from the Apple App Store for iOS and the Google Play Store connected to Android in June. and July, respectively. However, security companies claim that attacks by mobile websites (or even malicious advertisements on mobile websites) and applications downloaded from unofficial third-party markets continue to bear fruit.
Analysts also pointed to the possibility of hacking Internet-connected decoders that some companies can use to transfer and transmit video. According to the security company Rapid7, hackers have found a way to exploit a clear vacuum made available by Android Debug Bridge, a command-line tool for developers who abuse such products.
At present, the answer is weak, apart from the careful selection of devices and compliance with a policy that requires users to download only applications from the official platform store, where the potential of crypto jacking is greatly reduced. In fact, there is no indication that most companies are exposed to a significant or immediate threat, particularly given the preventive measures taken across the sector. However, given the fluctuating activity and growing interest in these areas in recent months, there is something to know and watch for next year.