WE'VE GOT YOU COVERED!

Corporate device security: Main threats that are lurking the industry

by Toncy Dunlop 26, Dec, 2016

Are you ready to pay a ransom for your own personal data? You better have your digital weapons prepared, because cyber attacks of this kind  against mobile device security are rapidly growing. The 2016 Internet Security Threat Report, developed by Symantec, stands that ransomware has increased 35% in the last year, and now it isn’t only attacking PCs but also smartphones, Mac and Linux systems.

Even more, this document also says that over 1 million web attacks were registered in 2015, and “75% of all legitimate websites have unpatched vulnerabilities, putting us all at risk.”

What could be worse than losing all your data? It’s like your whole life ending up in someone else’s power. Even worse, what if your company’s data is stolen and goes directly into the wrong hands?? Things could get real ugly, real quick.

So, let’s get prepared. Consultants and experts are constantly updating the main digital threats that are lurking the market from the darkness, waiting to stick their fangs in your precious data. Grab your zombie killing set and join us in this deadly mission.

Corporate device security

Device vulnerabilities

Ok, all of us are aware that Android is the most vulnerable operating system, but macOS and iOS are also being targeted by hackers.  Computer Business Review recently said that, according to the National Vulnerability Database, in 2015 there were 375 iOS vulnerabilities.

Basically, today’s risks are due to patching not being up-to-date, “as updates aren’t always scheduled by enterprises for mobile devices as they are for desktop PCs. Other vulnerabilities lie in the jailbreaking of devices and the use of custom ROMs on phones instead of the factory-supplied operating systems,” Computer Business Review adds.

Legit mobile apps that mine corporate information

According to eSecurity Planet, "enterprises face a far greater threat from the millions of generally available apps on their employees' devices than from mobile malware."

How is that? Well, when employees install and use mobile apps without permission, they are risking not only personal but also corporate data that’s stored in their devices. This is only going up. This source also says that “through 2017, 75 percent of all mobile security breaches will be through apps, not through deep technical attacks on the OS.”

So, the computer security strategy should be based on this big idea: Do not trust apps, not even legit ones. Build the right defense against this threat and, even more importantly, always keep it updated. Device management and mobile security is essentially a matter of time. Kill the zombies before they kill you.  

Unauthorized applications on the cloud

Similar to the problems with apps, the cloud could hide potential breaches if the IT resistance isn’t prepared for it. Let’s suppose that your company works with big cloud services like… (don’t worry, marketing guys, we’re not going to give names), and employees want to improve these services by installing apps, even unapproved apps. The alarms should jump at that very instant when an employee clicks on the “Install” button.

“The challenge is that the behaviour of these applications is unknown – in some cases apps accessing a cloud platform can potentially synchronise thousands of records to a mobile device without IT’s approval. Without the proper compensating controls, corporate data provided to these mobile apps can be at significant risk to accidental loss or explicit theft.” Computer Business Review explains.

Non-malicious but clueless insiders

Until today, in many companies across the globe employees are not really aware of the big damage that a corporate laptop could mean if it ends in the wrong hands. "Companies who do not have proper systems in place to educate employees about security risks leave themselves open to having sensitive data compromised by an employee leaving a mobile device at a restaurant and not reporting it lost or accessing files on their mobile on an unsecured coffee shop WiFi," eSecurity Planet says.

Authentication attacks

Do you remember that sci-fi movie where the bad guy pulls an executive’s eye out, and puts it in front of an eye-scanner to access a restricted area? While you’re digging into your memories for the name of that movie, be aware that external attacks are also aiming to break authentication technology.

Computer Business Review explains that "mobile devices will increasingly be targeted for broader credential stealing or authentication attacks to be used at a later date (...) To get a more complete understanding of the problem, we really have to think of mobile devices as conduits to the cloud. As the cloud gains more data, organizations facilitate the access of this data through various kinds of devices, whether desktop, tablet or mobile. Because of this, we will see criminals going after the mobile device – not to simply crack a phone code and steal data from the device itself – but as a vector into the growing data resources that the devices can freely access in the cloud."

These are just a few groups of fundamental issues that are currently alarming to the IT professionals, and it’s a constantly evolving problem, so IT experts must be ready and sharp to eliminate any zombies on the horizon.

Which other big threats do you see nowadays? Share your ideas with the world.

P.S. Stallone’s Demolition Man (1993). That’s the movie, and the bad guy was Simon Phoenix, played by Wesley Snipes. Remember the scene?

 

 

Device recovery and management

Toncy Dunlop
Toncy Dunlop

I'm a literature graduate who found her place in the company that will help you get your lost devices back. I'm into anime, weightlifting, and reading the kind of poetry that will make me wish I wrote myself.
Let's connect:   

check out our

Related Blog Posts

10 books every IT Manager should read

by Toncy Dunlop January 16, 2017

Don't worry, I get it. Reading an actual physical book is so ten years ago. Today with the technology there could even be an..

Read More

Worst data security breaches of 2016

by Toncy Dunlop January 13, 2017

2016 was a busy year for our arch-nemesis, The Hackers. Data security and theft recovery is a serious issue. Sometimes..

Read More

5 great Chrome extensions for IT Managers

by Toncy Dunlop January 10, 2017

Chrome is the world’s most used web browser, and whether you like it or not, 73% of Internet users have it as their..

Read More

5 Great Events and Keynotes for IT Managers this 2017

by Toncy Dunlop January 5, 2017

Being an IT Professional has its ups and downs, and one of the main perks of being one is that you must always be informed..

Read More

How to make device security in educational institutions unbreakable

by Toncy Dunlop December 21, 2016

Nearly 97% of U.S. college students have a cellphone, and 79% own a laptop. That’s a lot, right? Problem is that both..

Read More