When the cellular phone was first introduced, it served only one purpose — to make and receive phone calls. Over the years, we have watched the device evolve and incorporate more and more features. Its evolution changed the way we communicate with texting, video chatting, and email capabilities. It has replaced everyday items such as watches, calendars, the boom-box, CD/mp3 players, books, and cameras. It’s next victim? The wallet.
A cellular device is arguably a one-stop shop for almost everything, and a necessary tool for professionals today.
Mobile devices are a staple in today’s world, contributing to the rise of BYOD (Bring Your Own Device). By now, you are probably well aware of some of its advantages and disadvantages. One of the biggest concerns of BYOD is security, with the largest threat arguably being a company's employees. Here are the ways employees are unintentionally making sensitive work data more vulnerable to a breach.
RELATED: BYOD Brings New Security Challenges
Downloading Unsafe Mobile Applications
Earlier this year, Veracode, an application security company, discovered approximately 2,400 unsafe mobile applications on employee devices in an average large global enterprise. This was only a small sample of the 14,000 unsafe mobile applications that Veracode has recently discovered.
Of these applications:
These applications came from a mix of commercial applications from public app stores, and were typically downloaded by employees.
Mobile Malware & Risky Behaviors
As mobile malware becomes more prevalent, it is also a growing concern within the realm of BYOD security. Late last year, WireLurker attacked non-jailbroken Android and iOS devices. And just last month, Android discovered a flaw that made users vulnerable to an attack that could replace a legitimate app with malicious software, which would then collect sensitive data from a phone.
New mobile device technologies and the cloud have given users the ability to access corporate data from anywhere between the home and office. As technologies develop and emerge on the mobile platform, so do its threats, which is why it is so important for BYODers to take the extra step to ensure that their devices are as secure as can be. However, studies have shown that this is not necessarily the case.
According to Lookout’s Mobile Privacy IQ study, a large percentage of smart phone owners claim to be privacy savvy. In spite of this, respondents admitted to engaging in behaviors that could put sensitive work data at risk, such as connecting to public/open wi-fi (76%) or downloading apps from unofficial marketplaces (33%). Survey results also revealed that nearly 60% of respondents cared the least about protecting the work data on their phones.
Considering the many instances of data breaches in recent years, these statistics are quite unsettling.There are so many benefits to BYOD, but is it worth the risk? If your company has met with a managed services provider (MSP) in order to put a secure BYOD policy in place, you are most definitely on the right track. However, you may also want to consider reaching out to your MSP for assistance in thoroughly educating your employees regarding the dangers of risky mobile behaviors.
Another way to mitigate the consequences that come with employees engaging in risky behaviors under a BYOD policy is to make sure that the applications used to access company data are secure. To ensure this, an MSP can be your single point of contact for vendor management and help your business identify the best software and app developers to collaborate with. They can also provide you with the best MDM (Mobile Device Management) solution and a secure private cloud platform to ensure that your data is protected.