Summer is here and employees will be going on holiday soon. While some of them will totally disconnect, some others will continue to read their work emails or to check their corporate applications from wherever they are. That is when things usually go wrong.
Being on the move for holidays means connections to free WiFi (airport, hotels, restaurants …), installing new games for the kids from third-party app stores and even worst case scenario, losing your smartphone in the taxi… So before you noticed it, it’s all your corporate data that is at risk.
What Mobile Security risks your company is exposed to and how to face them?
50% of mobile applications installed on a device feature intrusive behaviors that automatically send, modify or delete user’s data, and it gets even worst when Apps come from third-party App stores. Even though some Apps require permissions to manipulate data, in many cases those boundaries are bypassed and data leakage is performed without users’ knowing it. Contacts, email addresses, files and device location data can be exposed to unscrupulous people. More data in the Mobile Applications Threats Report - S1 2017
Tip: If you are using an EMM solution to manage your mobile fleet, make sure to constantly populate Applications' whitelist & blacklist with updated and accurate data. Also, it’s recommended to use an on-device agent that will automatically analyze new apps’ behaviors and only allows the execution of the safest one.
Data contained in corporate mobile apps might be accessed and stolen by a malicious app installed on the same device. If like most people your employees have around 100 Apps installed on their smartphones, statistics show that one of them is likely to be malicious. Once cohabiting in the same environment, the malicious app can attack your corporate app (keylogger, screenlogger, overlay…) to steal and exploit your data.
Tip: Embed a Runtime Application Self-Protection SDK (RASP) within your Apps’ source codes. They will then automatically protect themselves from on-device threats.
Some employees’ devices are configured to identify and attempt to connect to any open wireless access point to retrieve data from the Internet. This means devices get automatically connected to the restaurant or supermarket WiFi. Once connected to an unprotected network, hackers can attack the device and steal all its data (Man-in-the-middle attack).
Tip: Employees should deactivate the automatic wireless connection on their devices and you should advise them to avoid accessing to any corporate data through open networks. It is important to have a security solution directly on the device that will trigger a user alert if wireless connections are switched on.
For those employees who want to have more permissive devices, jail-breaking or rooting their device is common practice. The device’s system becomes easier to manipulate and to takeover.
Tip: Devices used for professional purpose, whether they are employees or company property, should not be jailbroken or rooted. It is highly recommended to have an agent based solution in place, directly embedded on the device, which can identify if a device has been rooted or jailbroken so far and even prevent from malicious Apps attempting to do so without the user awareness.
Outdated devices are a big security risk for your company. One of the main purposes for OS updates is actually security patches. Hackers get tipped off to the vulnerabilities of the previous versions when security patches are released. Then, they are able to set attacks targeting devices using an older OS version in order to extract both personal and company’s data.
Tip: The Operating System of your devices should be kept up-to-date. An update is available? Make sure that your employees install it right away; it probably holds important security corrections of your current OS version’s detected breaches.
Over half of security breaches occur when devices are lost or stolen. In the best case scenario, smartphone thieves resell the device without diving into its content. But in some observed cases, pickpockets ask hackers to mine the device for data and then sell it on the dark web.
Tip: Use an on-device agent that will allow security managers to wipe lost or stolen devices once declared missing.