By 2020, 60 per cent of the world will access the internet via their mobile devices, according to a GSMA Intelligence report. Thanks to the rise of BYOD, mobile devices have become an essential workplace tool around the world. Nearly three-quarters of enterprises allow some employees to use their personal device in the workplace, and it’s widely believed that doing so increases staff productivity and mobility, and keeps employees happier in their roles.
With so many benefits, why wouldn’t you support mobile working?
Hackers on the prowl
In recent years, mobile devices have been increasingly targeted by hackers who view them as an exploitable weakness in the business world. They want to steal data stored on individual devices or use them as a gateway to sneak into corporate networks undetected. The problems are compounded by the dearth of satisfactory security policies implemented for employee-owned devices – even ones that connect to the network.
The repercussions for organisations could be – and are – severe. Regulatory fines, legal fees and clean-up costs can all stem from data breaches. Not to mention the fallout from reputational damage, which can include lost customers and a fall in share price.
Here are five key threats to watch out for when it comes to spotting potential cybercrime as quickly as possible:
Innocuous-looking links and attachments can surreptitiously harbour malware. On mobile devices, the threat comes not only from unsolicited emails but also SMS.
- Kernel exploits
Among the most serious threats, kernel exploits let attackers take complete control of targeted devices remotely.
- Malicious apps
One of the most common methods of spreading malware, these legitimate-looking apps are often found on third-party app stores, but sometimes they find their way to official platforms like Google Play and the App Store.
- Man-in-the-middle attacks
This attack typically occurs when using unsecured public Wi-Fi. It can let hackers monitor everything you’re doing on your mobile and expose corporate logins. This poses even greater risk when you consider that over one-quarter of UK workers admit to using the same password for personal and corporate accounts.
- Rogue base station/access point
Relatively rare compared to the threats listed above, if an attacker successfully installs a rogue base station it could reveal corporate credentials without the user even realising it, especially since mobiles automatically connect.
User education can alleviate many of these threats, but it must be combined with a security policy updated for the mobile age. Consider implementing an enterprise mobile management solution, or even blocking devices from connecting to the network if they aren’t on a pre-approved list.