Growing popularity of smartphones as the most sought-after computing device for professional and personal use, have turned it as the most appealing attack surface for hackers.
In this article at Risk Management, Anne Bonaparte explains that the applications used by employees in offices to do their job and interact with enterprise data are the easy access points for hackers. Even if the organizations extend existing anti-virus or other IT security measures, they need to look beyond the conventional IT security tools and policies to address fast emerging advanced mobile threats.
The issue spotted is the behavior of the apps that collect a wide range of data unnecessary for its function. Specifics like the user’s location or all the contacts stored on a device that includes the names and titles of employees often get offloaded to the cloud. These intimate details could even disclose details about the businesses where users work.
To detect and protect employees from mobile cyber-attacks calls for digital innovation and explicit design for mobile threat defense. Take the instance of Apple and Google who are doing a great job of protecting users against overt malware. They do not try to achieve enterprise-grade mobile security for two important reasons. First, enterprise-grade security is too strict for most consumers. Second, enterprises have security, privacy, data usage and often compliance and regulation policies that are unique to each enterprise.
This turns into a massive blind spot around a mobile app that the hackers understand and target apps to present a path of low resistance. However, to reduce mobile vulnerability the best way is to create a company-wide policy for managing mobile use. Compile an app inventory for devices running in the workplace and come up with a policy that governs what data employees can access and how they can use it. The employees will be given authority to send mobile data abroad and might store it in the cloud. However, creating and enforcing a mobile-focused policy is critical.
Another way of doing it is by educating employees about the risks of the apps they download. Empower them by arming them with the tools and training to make better decisions about apps they download.
The author believes that the mobile threat is expected to escalate. The more connected your apps are to your lives and work, the more threatening it would be for the organization’s security. Click on the following link to read the original article: http://www.rmmagazine.com/2018/08/01/mobile-devices-the-next-frontier-for-hackers/