When it comes to office productivity, employees aren’t limited to using company-issued desktops and laptops. They now also use their personal mobile devices, such as smartphones and tablets, to get things done faster. Because they are more convenient to use, more people are using them at work.
However, with the rise in mobile device usage comes the increase in the number of threats to their security. You must protect your business from any damaging threats, as these will cost you a lot of money and customer trust. If a business can’t recover quickly, it may end up shutting down for good.
Let’s take a look at some of the top mobile threats your business should become aware of:
A lot of existing mobile apps today cause unintentional data leaks. These are called “riskware,” or legitimate mobile applications that can be exploited by a malicious actor. These are usually downloaded free from mobile app stores like Google Play or Apple’s App Store.
Once installed on users’ devices, riskware apps ask for permission to access contacts, calls and messages, and location and storage, among others. Because many employees don’t bother to read the app’s prompts, and the app doesn’t allow full functionality if not granted all permissions, they tend to inadvertently allow the app to access everything on their phone.
For example, one of your employees installed a word processing app on their smartphone. Once they run it, the app will ask for permission to access not just the phone’s storage but also the saved messages. This becomes a way for the app to send personal and corporate data to remote servers, where they are mined by unscrupulous advertisers and exploited by cybercriminals.
To mitigate this problem, educate your employees to only give apps the necessary permissions. Remember that a note-taking app must not have access to someone’s text messages, while a travel app should not be able to make calls without permission.
#2. “Free” Wi-Fi hotspots
Many people hear or see the word "free" and they are easily hooked. This is especially true for free Wi-Fi connection. Cellular data is costly if not properly monitored, so many users look for free Wi-Fi hotspots in public places just to save money.
However, public Wi-Fi is not as secure as you think. Because anyone can connect to the network, hackers can launch man-in-the-middle (MITM) attacks to intercept traffic and eavesdrop on online activities. If one of your employees is working on a confidential file while using public Wi-Fi, hackers can easily steal the data. They can also listen in on calls and steal the identity of your employee via email.
Cybercriminals can also set up fake free Wi-Fi hotspots to lure people into their network and steal their data. They place these rogue access points in high-traffic public areas and use names like “Free public Wi-Fi” to make it look legitimate.
And because more websites these days implement protocols that encrypt data such as login credentials, hackers are now requiring users of their fake Wi-Fi hotspot to create an account before they are granted access to the internet. They hope that users will input the usual login credentials found on their email and social media accounts.
To mitigate the threats of public Wi-Fi hotspots, teach your employees not to connect to them, especially if they need to access company files and applications. Should they really need to connect, recommend they use a virtual private network (VPN) to create a secure connection to the internet, making it impossible for the hacker to steal your company data.
#3. Email phishing
With the rise of mobile devices, email is no longer restricted to desktops and laptops. Anyone can check and reply to emails on their smartphones. This also makes people more vulnerable to phishing attacks just like those who access their email on desktops.
Tell your workforce to not open suspicious-looking emails. If a link looks dubious, tap and hold the link until the mail app displays the real destination. For example, the email body may display the link as “paypal.com/login,” but it might actually lead to a shady website like “paypalcom.xyz/login”.
#4. Outdated devices
Mobile devices generally don’t come with a guarantee of timely software updates. This is particularly true of the Android ecosystem, where most smartphone manufacturers are inefficient at deploying feature and security updates. This leaves many devices vulnerable to many cyberthreats. If several of your employees own such smartphones, that makes your company even more vulnerable to data breaches.
It’s also important to note that extended use of outdated mobile platforms elevates the overall cost of a data breach. According to a Ponemon Institute study, a single device infected with malware can cost the victim organization $9,485, which may be difficult for small- to medium-sized businesses (SMBs) to afford.
Unfortunately, controlling mobile device use is difficult. To protect your business from the perils of outdated mobile devices, you can implement mobile application containerization. This technology builds a secure environment within a mobile device that serves as a safe location for your company’s confidential information. It offers an isolated workspace containing applications provided by the IT department to ensure that your data is still safe even when using outdated phones.
You can also seek the help of a managed IT services provider (MSP) like Binatech to properly provide mobile cybersecurity in your Hamilton, Mississauga, or Buffalo office. By choosing us, your business can be assured of proactive maintenance and protection against all cyberthreats, so you can focus on growing your business even further. Schedule a FREE network assessment today!