MOBILE SECURITY BLOG

Mobile devices represent the fastest growing attack surface and the widespread use of remote working has been accelerating it lately. Cybercriminals target enterprises through collaborators’ smartphones and tablets, betting on finding loopholes they will exploit to steal corporate data. Security heads are looking to extend their Zero Trust IT security strategy to mobile devices and apps, but the versatility of mobility makes it challenging.

The Zero Trust model is a security approach based on the principle of not trusting any network or data access request by default, and to secure all entry points. It has emerged as the most reliable way for companies to keep away cyberthreats evolving within their distant and immediate environment.

Workers are undeniably mobile with 80% of corporate tasks to take place on mobile devices in 2020¹. With 77% of the digital traffic² coming from smartphones and tablets, mobile protection comes as a central piece of the information security strategy of companies.

The advent of mobility drew a new paradigm where security gates have to be relocated beyond the enterprise perimeter. In that framework, legacy security practices are falling short to address a landscape characterized by a plethora and dynamicity of threats.

System and application updates always seem to pop up at less than timely moments, and most of us postpone them without second thoughts, for days, weeks, months… However, these updates represent an essential piece of systems’ stability and safety, as they include functionality enhancements and patches to security holes.

The pandemic situation requires governments to actively enjoin companies to set up remote working.

To keep up as much as possible with activities, enterprises are issuing additional corporate-owned devices or enabling BYOD usages multiplying access points to corporate data.

The Zero Trust model, first identified by the research firm Forrester, is a security approach based on the principle of not trusting any network or data access request by default, even when it comes from inside the company perimeter. Zero Trust goes beyond the identity approach which focuses on only authenticating the user. It has emerged as the most reliable way for companies to keep away cyberthreats evolving within their distant and immediate environment.