The growing need for data mobility and corporate devices makes it vital for companies to implement cybersecurity strategies that are adapted to new scenarios and challenges.
Reality has changed significantly for companies, with the mobility of both information and devices increasingly becoming fundamental pillars for success. However, this landscape presents numerous cybersecurity risks. According to the Cybersecurity Report 2020 from Check Point Software Technologies Ltd. a leading provider of cybersecurity solutions globally, almost 30% of businesses suffer from cyber attacks caused by the security compromise of a mobile device. Because mobile devices are now so intrinsically linked to corporate networks, a breach in mobile security can have a devastating impact on a company’s entire IT infrastructure, leading to downtime as well as the loss of business and brand credibility.
To avoid potential security breaches, here are some tips for companies to consider.
- Request user authentication: it is important to establish security measures such as screen locking by means of a password or built-in biometric authentication. This limits unauthorized access and forms a first barrier that keeps information on the phone protected.
- Encrypting data on mobile devices: data encryption is a fundamental solution to protect both the information stored on the devices and the information that it sends. Without the decryption key, unauthorized users won’t be able to access the data. Also, consider VPN since this provides a secure Internet connection by using private servers in remote locations. All data traveling between the device and the VPNserver is securely encrypted.
- Keep the operating system and apps updated: always do regular updates to ensure you have the latest available operating system for your device, and the programs and applications installed on it, is vital. New updates usually have the latest security fixes and patches.
- Avoid connecting to public Wi-Fi networks: these types of connections are unprotected and pose a very high risk to corporate data since they are easily hacked through Man-in-the-Middle attacks. It is therefore important to turn off the “automatic connection” function on your mobile device.
- Limit application downloads to trusted sources: downloading and installing any type of program that come from third-party sources can pose a serious risk to the privacy of corporate information, as well as to the integrity of the device itself.
- Don’t forget to backup: In case of a mobile breach, a mobile malware attack that makes the data inaccessible, or simply because a device is lost or stolen, the impact of the data loss should be minimized by having it accessible and up-to-date elsewhere. Make automated backups from mobile devices part of the IT security routine.
- Enable remote data access and deletion: The possibility of theft or loss of a device means it is important to have access tools to lock it and even remotely delete the data it contains. In this way, unwanted access to sensitive corporate information is prevented.
- Take precautions against mobile phishing: Check Point’s Brand Phishing Report states that mobile phones are the preferred target of cybercriminals, as 23% of attacks of this type during the first quarter of the year were directed at smartphones. Avoid clicking on suspicious links or files that could trigger the download of malware.
- Browse only secure websites: When visiting a website from a mobile device, make sure it is protected with an SSL security certificate (check for HTTPS before the domain name), which encrypts the user’s data.
- Conduct security audits on mobile devices: It is important to periodically check the “health” of mobile devices to detect vulnerabilities and security holes that may pose a risk to the entire corporate network.
“While companies must adapt to new realities that drive data connectivity and mobility, it is essential they are aware of the challenges that this poses to corporate information security,” said Yael Macias, Product Marketing Manager at Check Point. “Given the growing number of devices connected to corporate networks, companies should adopt a cybersecurity strategy based on threat prevention that can scale and protect a larger number of devices and connection points”, added Yael.
Providing employees access to important business information via mobile devices improves productivity but also exposes companies and their networks to significant risk. Many businesses mistakenly try to solve this problem by employing endpoint management solutions, but soon discover that approach ineffective against sophisticated zero-day threats.
SandBlast Mobile keeps business assets and sensitive data safe from cyber-attacks through extensive threat detection and mitigation. Its unique, on-device network protection technology includes various features such as anti-phishing, safe browsing, anti-bot, and conditional access capabilities.