WE'VE GOT YOU COVERED!

Corporate device security: Main threats that are lurking the industry

by Matias Wolff 30, Jan, 2017

Are you ready to pay a ransom for your own personal data? You better have your digital weapons prepared, because cyber attacks of this kind  against mobile device security are rapidly growing. The 2016 Internet Security Threat Report, developed by Symantec, stands that ransomware has increased 35% in the last year, and now it isn’t only attacking PCs but also smartphones, Mac and Linux systems.

Even more, this document also says that over 1 million web attacks were registered in 2015, and “75% of all legitimate websites have unpatched vulnerabilities, putting us all at risk.”

What could be worse than losing all your data? It’s like your whole life ending up in someone else’s power. Even worse, what if your company’s data is stolen and goes directly into the wrong hands?? Things could get real ugly, real quick.

So, let’s get prepared. Consultants and experts are constantly updating the main digital threats that are lurking the market from the darkness, waiting to stick their fangs in your precious data. Grab your zombie killing set and join us in this deadly mission.

Corporate device security

Device vulnerabilities

Ok, all of us are aware that Android is the most vulnerable operating system, but macOS and iOS are also being targeted by hackers.  Computer Business Review recently said that, according to the National Vulnerability Database, in 2015 there were 375 iOS vulnerabilities.

Basically, today’s risks are due to patching not being up-to-date, “as updates aren’t always scheduled by enterprises for mobile devices as they are for desktop PCs. Other vulnerabilities lie in the jailbreaking of devices and the use of custom ROMs on phones instead of the factory-supplied operating systems,” Computer Business Review adds.

Legit mobile apps that mine corporate information

According to eSecurity Planet, "enterprises face a far greater threat from the millions of generally available apps on their employees' devices than from mobile malware."

How is that? Well, when employees install and use mobile apps without permission, they are risking not only personal but also corporate data that’s stored in their devices. This is only going up. This source also says that “through 2017, 75 percent of all mobile security breaches will be through apps, not through deep technical attacks on the OS.”

So, the computer security strategy should be based on this big idea: Do not trust apps, not even legit ones. Build the right defense against this threat and, even more importantly, always keep it updated. Device management and mobile security is essentially a matter of time. Kill the zombies before they kill you.  

Unauthorized applications on the cloud

Similar to the problems with apps, the cloud could hide potential breaches if the IT resistance isn’t prepared for it. Let’s suppose that your company works with big cloud services like… (don’t worry, marketing guys, we’re not going to give names), and employees want to improve these services by installing apps, even unapproved apps. The alarms should jump at that very instant when an employee clicks on the “Install” button.

“The challenge is that the behaviour of these applications is unknown – in some cases apps accessing a cloud platform can potentially synchronise thousands of records to a mobile device without IT’s approval. Without the proper compensating controls, corporate data provided to these mobile apps can be at significant risk to accidental loss or explicit theft.” Computer Business Review explains.

Non-malicious but clueless insiders

Until today, in many companies across the globe employees are not really aware of the big damage that a corporate laptop could mean if it ends in the wrong hands. "Companies who do not have proper systems in place to educate employees about security risks leave themselves open to having sensitive data compromised by an employee leaving a mobile device at a restaurant and not reporting it lost or accessing files on their mobile on an unsecured coffee shop WiFi," eSecurity Planet says.

Keep your mobile devices and data safe

Authentication attacks

Do you remember that sci-fi movie where the bad guy pulls an executive’s eye out, and puts it in front of an eye-scanner to access a restricted area? While you’re digging into your memories for the name of that movie, be aware that external attacks are also aiming to break authentication technology.

Computer Business Review explains that "mobile devices will increasingly be targeted for broader credential stealing or authentication attacks to be used at a later date (...) To get a more complete understanding of the problem, we really have to think of mobile devices as conduits to the cloud. As the cloud gains more data, organizations facilitate the access of this data through various kinds of devices, whether desktop, tablet or mobile. Because of this, we will see criminals going after the mobile device – not to simply crack a phone code and steal data from the device itself – but as a vector into the growing data resources that the devices can freely access in the cloud."

These are just a few groups of fundamental issues that are currently alarming to the IT professionals, and it’s a constantly evolving problem, so IT experts must be ready and sharp to eliminate any zombies on the horizon.

Which other big threats do you see nowadays? Share your ideas with the world.

P.S. Stallone’s Demolition Man (1993). That’s the movie, and the bad guy was Simon Phoenix, played by Wesley Snipes. Remember the scene?

 

 

Matias Wolff
Matias Wolff

CMO at Prey. BA in Advertising with a major in Marketing from Universidad del Pacífico. Master in International Marketing at ESMA, Barcelona. 18 years’ experience in multinational companies. I am a volunteer at the Endeavor program, and teach Integrated Marketing Communications at the Masters in Innovation program, Universidad Católica de Chile.
Let's connect:   

check out our

Related Blog Posts

Customer Support should listen to The Boss and keep that human touch

by Fabián Núñez May 8, 2017

The Boss, Bruce Springsteen, said it best in his 1992 hit “Human Touch”: In a world without pity, do you think I'm asking..

Read More

5 Podcasts for IT Professionals

by Matias Wolff March 13, 2017

Being an IT professional has its perks. One thing that some might agree on is that when you work in IT you’re just sitting...

Read More

Asset management & advanced search: wizard's guide to label location

by Matias Wolff February 17, 2017

You’ve realized that an advanced search capacity is a must have tool to track your devices in multiple locations...

Read More

4 Challenges CIOs and IT Professionals will face in 2017

by Matias Wolff February 16, 2017

Hello 2017! Adiós 2016, a year that many wanted to leave behind. But now, a new period is starting, that will bring many..

Read More

The Current State of Handling Device Security in a BYOD system

by Matias Wolff February 14, 2017

There are many benefits for an institution that applies a BYOD system. Reduced costs, better use of the device’s..

Read More

IT management: who’s first, the CIO or the CTO?

by Matias Wolff February 10, 2017

Depending on their size and structure, organizations have a Chief Information Officer (CIO) and a Chief Technology Officer..

Read More