The mobile workforce has gone from theory to reality for many organizations. Technology and demographic trends have driven the adoption of mobile work for businesses of all sizes, just as 24x7x365 business needs are leading businesses to encourage employees to be able to respond to issues anytime and anywhere. However, the rising mobile workforce brings with it a number of security challenges you cannot afford to ignore. Here are a few of them.
BYOD or Bring Your Own Device increases employee productivity. However, the more devices your employees use to work from, the more opportunities there are for infection. If you’re going to allow employees to access company data via personal devices, then it is essential to ensure that their antivirus and malware software is up to date and meets company standards.
BYOD can give businesses a competitive edge, sincecompanies don’t have to buy as many devices to support a mobile workforce. However, the company now has to worry about the data and login credentials stored on the employee’s stolen personal phone. The solution is MDM solutions that let a business remotely wipe devices that are lost or stolen – including the employee’s personal devices.
Furthermore, businesses can require them to have some sort of password protection for devices and further passwords to access important applications. This limits the damage that could arise if a device is lost or stolen.
Insider threats have always been a threat, but the mobile workforce makes it much easier. Employees who can only access sensitive data like cutting edge research or customer credit card data have less opportunity to leak it when they’re on a company workstation surrounded by fellow employees. If data is stored on their device or accessible from home, it may be easier to share it or sell it. This is why companies must implement strong access control and monitoring solutions that alert those who can do something about it when anomalous activity is detected. The challenge is balancing these security measures with employee privacy, especially when they’re using their own devices.
Security analysts have predicted that a quarter of corporate data would move directly from mobile devices to the cloud, bypassing “perimeter security”. However, this means that three quarters of data can still be protected by following a few network security tips. Businesses can encourage employees to remain on secured networks when accessing corporate data, such as only accessing enterprise systems from work. Smartphones in particular are susceptible to wi-fi hacking and man-in-the-middle attacks. Businesses can prohibit employees from accessing enterprise systems from unsecured networks like the one at the local coffee shop; educate them as to the danger; or invest in unlimited data contracts so that they never consider using open access points.
Mobile malware security threats are usually socially engineered. Malicious fake ads on mobile devices, browser-based attacks, infected malware spread through email, and suspicious downloads are all routes onto a device and, potentially, your network. Teaching employees not to download and use apps that don’t meet minimum security requirements while giving them approved safe sources is a good idea. This is worth the effort given that nearly three quarters of security breaches are the result of misconfigured (unsecured) apps, according to a Gartner study.