Mobile Security Action Plan

The use of personal devices at work has increased phenomenally with the onset of ‘Bring your own device’ (BYOD), now common in many work environments. This approach enables enterprises to reduce IT capex spending on providing and maintaining technological resources. However, the trend introduces new security risks to an organisation and requires a company to enact measures to prevent damage. Critically, third-party storage devices such as smartphones or USB drives are primary catalysts of valuable data leakage. A simple click can create vulnerabilities through which hackers could gain access to login credentials or even bank account credentials.

Here are a few ways in which malware can potentially infect mobile devices:

  • Malicious apps – These involve using pirated tools to create malicious code. Once downloaded, these compromised apps can steal sensitive data or damage the device.
  • Devices with vulnerable operating systems – Updating mobile devices regularly ensures present vulnerabilities are patched.
  • Opening spam emails, text messages, and voice mail – By opening unidentified links you create a doorway for cyber-attacks such as SMiShing (phishing through SMS). These attacks create backdoors to carry out phishing expeditions.
  • Connecting to unsecured Wi-Fi or URLs – By accessing unprotected or fake internet connections, typically found in public places, or browsing insecure websites, you may expose your mobile device to man-in-the-middle attacks.

An overview of statistics:

Research studies on mobile vulnerabilities revealed that 38% of iOS mobile applications and 43% of Android applications contained high-risk vulnerabilities. Weaknesses in device security mechanisms catalyse vulnerabilities. Consequently, out of these discrepancies, 74% were found in iOS apps and 57% in Android apps, which is statistically alarming. These figures should serve as a warning to administer policies and controls when utilising personal mobile devices for work. It is therefore best to evaluate the following aspects, which will help shape policy goals for implementing regulations.

  • The tasks employees execute through personal devices.
  • The services employees will be given access to, and the data exposure caps within those services.
  • The accessibility limits employees may demand over their devices.
  • Ways to resolve issues with non-compliant end users.

By taking these factors into account, the correct combination of device ownership, management, and technical control can mitigate the risk arising from vulnerabilities. Below, we discuss the key technological approaches to implementing mobile security management.

The development of security management suites for device protection is known as Mobile Device and Application Management (MDM). This method does little to separate personal information and apps from company data. Even worse, it often leads to data loss. However, application management has overcome MDM’s shortcomings and provides better solutions to curtail data loss. There are two main technical approaches that companies have adopted using this method:

1. COPE method

COPE stands for corporate-owned/managed, personally enabled. This method gives the company full management over employees’ devices while still allowing personal use. It is also feasible in situations where corporate-owned devices are at the disposal of employees. When a mobile device is managed (in iOS terms, “supervised”), the organization that owns the device can install, update or restrict apps in the app store, filter web usage, configure Wi-Fi settings, or block USB file transfers.

2. Personally owned, partially enterprise managed method

This method is a lighter device management approach. It enables some device-wide configuration policy enforcement and protects company data within apps or managed accounts. The benefit of this method is that it does not require data wipes. On the other hand, it doesn’t provide as much data security, since it gives only partial control. For instance, on iOS, the company will restrict users from installing new configuration profiles that alter security settings.

Likewise, companies opt for the containerization method over app and data management, since this method mainly avoids complete data wipes. IT administrators can therefore carry out a selective data wipe, which in turn curtails data loss issues. In this method, work-related tasks are performed within an encrypted app facilitated by a Mobile Application Management service. Although this method provides limited control over the device, it provides stronger control over the company’s apps and data. These contained applications prohibit copy and paste actions across applications and enable device monitoring.
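
On iOS, controls like those described above for supervised and partially managed devices reach the device as restriction keys in a configuration profile. The following is an added example, not part of the original article or any vendor's tooling: it audits a constructed profile against four of those controls. The mapping of Apple's restriction keys to the article's controls, the policy values and the sample profile are assumptions of this example.

```python
import plistlib

# Restrictions-payload keys mapped to the controls the article lists.
# key: (value the policy wants, risk if the profile differs)
POLICY = {
    "allowUIConfigurationProfileInstallation":
        (False, "user can install profiles that alter security settings"),
    "allowHostPairing":
        (False, "device can pair with any USB host for file transfer"),
    "allowOpenFromManagedToUnmanaged":
        (False, "company documents can be opened in personal apps"),
    "requireManagedPasteboard":
        (True, "copy and paste crosses the work/personal boundary"),
}

# Constructed sample profile (not a real organisation's configuration).
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>PayloadType</key><string>Configuration</string>
  <key>PayloadContent</key><array><dict>
    <key>PayloadType</key><string>com.apple.applicationaccess</string>
    <key>allowUIConfigurationProfileInstallation</key><false/>
    <key>allowHostPairing</key><true/>
    <key>allowOpenFromManagedToUnmanaged</key><false/>
  </dict></array>
</dict></plist>"""


def audit_profile(raw: bytes) -> list[str]:
    """Return one finding per policy control the profile does not enforce."""
    profile = plistlib.loads(raw)
    settings = {}
    for payload in profile.get("PayloadContent", []):
        if payload.get("PayloadType") == "com.apple.applicationaccess":
            settings.update(payload)
    findings = []
    for key, (wanted, risk) in POLICY.items():
        # A key missing from the profile is treated as the permissive value,
        # so an unset control is reported rather than silently passed.
        actual = settings.get(key, not wanted)
        if actual != wanted:
            findings.append(f"{key}: {risk}")
    return findings


if __name__ == "__main__":
    for finding in audit_profile(SAMPLE_PROFILE):
        print("NOT ENFORCED", finding)
```

Run against the sample, the audit reports the USB pairing and pasteboard controls as not enforced; the other two are set as the policy requires.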

Furthermore, our priority partners such as Microsoft and Google have published guidance for enterprises on configuring access to Office 365 and G Suite from personal devices:

  • Microsoft – Technical Guide: Office 365 UK Blueprint – BYOD Access Patterns
  • Google – 6 ways that G Suite helps IT admins safely use BYOD

How Can We Help?

At CSG Technologies, we can extend IT security and business continuity services tailored to fit your company’s needs. Our team of professionals is highly efficient and has a wide range of experience in curtailing cyber threats for various enterprises. We can help your company implement a viable mobile action plan while securing your network against vulnerabilities associated with BYOD practices. Contact us today for more assistance.

Matt Parks

About the Author: President & CEO, Matt has over 20 years building and leading high functioning teams delivering exceptional results