TechGuard Blog

19 March

Mobile Security Concerns on the Rise

One major take away from the recent RSA Conference is that companies are increasingly concerned about the growing threats with mobile devices. This is no surprise as we see employees working from almost any type of setting and always online. In addition, many employees' work day often continues beyond 8-5 resulting in the juggling of personal and work-related tasks. Furthermore, these employees often fail to make security conscience decisions. The recent release of the Verizon Mobile Security Index provides valuable data and opens our eyes to recognize the current state of many companies' mobile security. Consequently, many businesses are realizing they need to take a closer look at themselves and address this issue.
 

Verizon Mobile Security Index 2019 Released

 
The Verizon Mobile Security Index 2019 (MSI) revealed that 1 in 3 companies admitted they had suffered a compromise in which a mobile device played a role. According to the report, companies are leaving mobile devices exposed to a degree that they would never tolerate elsewhere. Cybersecurity must be addressed across all endpoints.
 
 
The MSI provided important insight to just how risky our behaviors have become. Five out of six agreed that companies need to take mobile device security more seriously. Yet employees still continue to cut corners. Forty-eight percent said they put speed and profit first, sacrificing security to "get the job done". Even more alarming is that only 12% of companies said they had all 4 basic protections in place.
 
  1. Encrypt sensitive data on public networks.
  2. Regularly test security systems.
  3. Restrict access on a "need to know" basis.
  4. Change all default passwords.

 

Beyond the MSI report, chances are you know how critical mobile security is and probably have experienced several attempted phishing attacks via text messaging, phone calls, social media scams or email scams. In addition there are several additional mobile security concerns beyond phishing. Because so many are working from mobile devices the implementation of a well-rounded security plan for mobile devices that includes an engaging security awareness training solution is a must.

 

Who Are the "Bad Actors"?

 

You may be surprised to hear this but your employees are your number one threat. They will be tempted to break your security policies for convenience. They are looking for the most efficient way to produce their work even when it compromises security. As a result, providing them with the right security awareness training and reinforcing it on a regular basis is vital to protecting your company as a whole.

 

Reinforcement is an important key factor to creating sustainable changes in employees' security related behaviors. In fact, the 2018 Verizon Data Breach Report says that if someone has already clicked on a phishing related link that they are more likely to do it time and time again.

 

Avoid these 5 Security Faux Pas

 

  • Do not share executives' calendar, contacts or locations.
  • Employees devices are stolen/lost with weak passwords/PINs.
  • Companies use out-of-date devices with no built-in patching.
  • Employees become tricked into falling for social engineering scams like phishing.
  • Employees leak corporate data by accident such as an accidental email to the wrong recipient or providing permission applications. without realizing the consequences. 

 

Hackers are looking for what they expect to be an easy target and that means that small to mid-sized businesses are not safe. Many are financially motivated, but some simply wreak havoc for bragging rights. Either way, companies must protect these endpoints. Statistics show that with the shift towards working on mobile devices, the risk is greater. In conclusion, companies need to refine their security structure to include a comprehensive plan with a security awareness solution for mobile devices.

 

To learn more about mobile attacks related to phishing, visit our other blogs.

 

https://blog.techguard.com/keep-employees-safe-from-smishing-attacks

https://blog.techguard.com/catch-email-phishing-attacks-before-they-catch-you

https://blog.techguard.com/phone-fraud-taken-to-a-new-level

https://blog.techguard.com/vishing-watch-out-for-scare-tactics

Written by Michelle Stamps

LinkedIn