Enterprises use a combination of top-rated technology options and best practices to keep out attackers who have become emboldened and more sophisticated. For example, businesses use a wide range of security solutions to protect their data both in motion and at rest in the cloud or in physical storage. You will find a wide array of tools ranging from firewalls to data loss prevention software.
Despite all these efforts to secure networks and data, the mobile endpoint remains the most significant security challenge for enterprises today. Attackers are aware of this and find ways of exploiting mobile endpoints every day. Verizon’s study revealed that four out of 10 companies suffered a breach through a mobile device.
Mobile devices have been identified as being behind the most high-profile attacks in recent times. An attack on Amazon highlighted how an allegedly compromised iPhone could be used to target networks. Mobile devices can be compromised without the use of sophisticated brute-force techniques.
Mobile devices are easily compromised through simple phishing techniques. These types of attacks have been on the rise with the widespread use of mobile devices and, more recently, with the massive shift to remote work due to the COVID-19 pandemic. A survey by Lookout indicated that there was an increase of 37% in enterprise mobile phishing in the first quarter of 2020. Other methods used to compromise mobile devices include malicious applications and malicious Wi-Fi hotspots.
What Are the Consequences of Poor Mobile Device Security?
Any lapses in mobile endpoint security will have far-reaching consequences, especially for enterprise environments. Security teams are wary of mobile ransomware payloads, which can have terrible outcomes because they are challenging to detect and remove.
Once a malware payload has been successfully deployed through some of the standard attack methods, the attacker gains access to the mobile device’s corporate network. The common techniques used to introduce a malware payload include malicious app downloads and text phishing. After gaining access to the corporate network, an attacker will encrypt files on other network-connected devices and ask for ransom.
Some spyware payloads allow attackers to gain entry into an enterprise network through the mobile device. Attackers are also in a position to access a device’s camera, microphone, and location services. Data collected through device snooping can be used as per the objectives of the attacker. The data can be sold to the highest bidder on the Dark Web or can be used to initiate subsequent, sophisticated phishing attacks.
Phishing attacks disguise themselves as commonly used applications, such as those for bank accounts, to dupe users into entering sensitive data into a phony login request on the mobile device. Similar phishing attempts are also possible through enterprise apps such as Dropbox and Microsoft 365. Once users give out their login information, attackers are in a position to enter a corporate account and steal critical company data.
The ever-changing mobile technology world makes it difficult to guarantee security. The most commonly used security solutions include:
- Endpoint protection
- Application security solutions
- The use of VPNs
- Avoiding public Wi-Fi hotspots
However, other best practices and best-in-class technology can be used to secure mobile endpoints and prevent enterprises from exposure to an increasing number of threats.
- Ensure that device OS and apps are updated: Ensure that all devices connected to a corporate network have up-to-date operating systems. Many updates will include vulnerability patches to help keep hackers seeking to exploit mobile devices at bay. Ensure that the auto-update settings for applications or OS are turned on so that your device receives patches whenever they are available.
- Use verified apps: Ensure that all devices connected to an enterprise’s network download apps from official app stores such as Apple App Store and Google Play. Attackers duplicate some popular apps and lace them with malware before making them available on third-party sites.
- Invest in security awareness training for all employees: Humans are the weakest link in any security system or enterprise environment. Security awareness training will equip employees with the necessary knowledge and skills to identify and stay away from malicious links and other social engineering attempts. Employees will be better equipped to avoid taking the bait and ushering in attackers on the network. All security measures taken will be rendered useless once malware has already infiltrated a device.
- Ensure that data is encrypted: All sensitive data, documents, and communications for a corporate entity must be encrypted. Any corporate organization must have a policy with regard to data encryption and the requirements involved. The level of encryption must be consistent with the sensitivity of the data handled by the organization. A good example is that of a financial services company that should be very strict with the data encryption policies. It should also ensure that employees are using verified communication platforms that have end-to-end encryption and fall within the compliance regulations put in place.
- Use strong passwords and password management: The organization should put in place a stringent password policy. Every password should incorporate random characters and should not be shorter than 15 characters in length. Employees should be discouraged from using the same password across both personal and enterprise accounts. Finally, the principle of least-privilege access should be used across the organization.
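The device-level items in the list above can be checked automatically against a device inventory. The following is an added example, not part of the original article: the inventory fields, minimum OS versions and store names are assumptions made for illustration, and only the 15-character minimum comes from the text.

```python
from dataclasses import dataclass, field

# Assumed policy values: the OS minimums and store identifiers are constructed
# for illustration; only the 15-character minimum comes from the article.
MIN_OS = {"ios": (17, 0), "android": (14, 0)}
OFFICIAL_STORES = {"apple_app_store", "google_play"}
MIN_PASSWORD_LEN = 15

@dataclass
class Device:
    owner: str
    platform: str
    os_version: str
    auto_update: bool
    storage_encrypted: bool
    min_password_length: int  # minimum length enforced by the device's policy profile
    app_sources: dict = field(default_factory=dict)  # app name -> install source

def parse_version(text):
    """Turn '16.7.2' into (16, 7, 2) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def audit(device):
    """Return the policy findings for one device (empty list = compliant)."""
    findings = []
    minimum = MIN_OS.get(device.platform)
    if minimum is None:
        findings.append("unsupported platform")
    elif parse_version(device.os_version) < minimum:
        findings.append("os out of date")
    if not device.auto_update:
        findings.append("auto-update disabled")
    if not device.storage_encrypted:
        findings.append("storage not encrypted")
    if device.min_password_length < MIN_PASSWORD_LEN:
        findings.append("password policy shorter than 15 characters")
    for app, source in sorted(device.app_sources.items()):
        if source not in OFFICIAL_STORES:
            findings.append(f"app from unofficial source: {app}")
    return findings

# Constructed sample inventory, not real data.
INVENTORY = [
    Device("alice", "ios", "17.4.1", True, True, 16, {"Mail": "apple_app_store"}),
    Device("bob", "android", "12.0", False, True, 8,
           {"Chat": "google_play", "FreeVPN": "third_party_site"}),
]

def report(inventory):
    """Map each device owner to that device's findings."""
    return {d.owner: audit(d) for d in inventory}
```

Devices with a non-empty findings list can be held back from the corporate network until the findings are resolved.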
In conclusion, mobile device attacks will become increasingly frequent and sophisticated. The remote working arrangement may become the new norm following the COVID-19 pandemic, meaning more network-connected devices will be coming online, increasing attack surfaces. The sending, receiving, and storage of sensitive corporate data on personal mobile devices will put organizations at significant risk. Additionally, corporate organizations must re-evaluate how they view mobile security; it should never be an afterthought. Mobile endpoint security must be at the forefront of all security policies and practices.
Author: Alessandro Civati