The use of mobile phones at work has grown steadily as cloud tools have become more powerful and workforces have become more mobile.
Mobile devices now comprise approximately 60% of the endpoints in organizations and take on about 80% of the workload. That may seem like it’s not possible but think of all the employees that check email from a smartphone, find it easier to work from a tablet, etc. You can see how mobile devices have become office workhorses.
A big problem with this transition is that mobile device IT security is often lagging. Many companies don’t have the same protocols in place for data accessed from mobile devices as they do for data accessed from computers.
A recent report from Verizon on mobile security spelled out several troubling trends that impact a company’s risk of a costly data breach or malware infection.
Here are some of the key findings.
When Mobile Devices are Compromised, It Can Have Severe Consequences
Mobile devices are still looked at a little differently by many, even though they can pretty much access all the same types of data as a computer. For example, sending and receiving email, accessing a CRM, handling online banking, accounting, and more.
When a mobile device is lost, stolen, or compromised due to malware, it’s not just data loss that can happen. Infected mobile devices can infect an entire network of devices, just like a PC.
Some of the cybersecurity consequences of having a smartphone compromised are:
- Downtime/lost productivity
- Damage to reputation (e.g., because of a data breach)
- Regulatory penalties
- Loss of business
Mobile Devices Are Already a Security Problem
Nearly 1,000 mobile security and management professionals and 13 security companies and law enforcement agencies were surveyed for the report. Their responses indicated that mobile devices have already been causing severe security issues for businesses.
So, this is not a “coming soon” threat, it’s a threat that could cause you to have a data breach tomorrow.
40% of survey respondents said that mobile devices were the biggest threat to IT security, and 53% said they’ve suffered major consequences due to a mobile device-related security incident.
COVID-19 & Remote Workers Have Increased the Threat
79% of surveyed organizations said they’ve seen an increase in remote work due to the pandemic. This has happened across the globe, and it’s caused a field day for hackers.
90% of companies saw an increased risk of cyberattack during the pandemic.
Employees working from home will often work from their smartphone or tablet, and many companies have no idea how secure those devices are. Yet they are connecting to sensitive work data daily.
Nearly all (97%) of those surveyed stated that remote workers were more at risk of a breach than in-office workers.
People Aren’t as Careful on Mobile Devices
While someone may never dream of visiting an adult website or prohibited social media site on their office workstation, they may not think twice about doing the same on a work mobile device.
Some telling statistics on employee behavior that’s put companies more at risk of a breach via a mobile device include:
- 45% of those surveyed said that social media use was prohibited on company devices, but they knew employees used it anyway.
- In 2020, there was a 600% increase in visits to adult content websites from devices used for work.
- 49% of employees allow their friends or family to use their work devices.
- 92% of companies haven’t taken any precautions to block the use of public Wi-Fi on work mobile devices.
Mobile App Security Has a Ways to Go
Working through mobile apps as compared to PC software can have inherent security risks, through no fault of the user.
During the study, it was seen that 1 in 25 apps was found to leak user credentials.
Many companies also relaxed policies related to the use of apps by employees, allowing them to download what they needed while working remotely.
What Steps Can You Take to Better Secure Mobile Devices?
It’s important to incorporate mobile security into your overall cybersecurity strategy. Mobile devices now make up a majority of the endpoints in a company, which means they also make up a majority of the risk.
Here are some of the safeguards you can take to better secure smartphones and tablets used for business purposes:
- Have employees use a business VPN.
- Use a mobile device manager (like Microsoft Intune) to monitor device access to data.
- Ensure mobile devices are being updated regularly.
- Use mobile antivirus/anti-malware.
- Put a mobile device policy in place that prohibits sharing of devices, requires screen locks and “find my phone” to be enabled, etc.
- Only allow approved mobile devices to be used to access company applications.
Get Help Updating Your IT Security to Safeguard Mobile
Unity IT can help your Fresno area business review your current mobile device security plan and make the necessary updates to ensure your network isn’t left at risk.
Contact us today to schedule a technology consultation at 559-297-1007 or reach out online.