Today, cybercriminals and Canadian business leaders share a common challenge: both are trying to figure out how best to leverage Bring-Your-Own-Device (BYOD) and mobility trends to further their operations.
In fact, IDC Canada recently released a report on Canadian mobile habits that revealed Canadians urgently need help to secure their devices.
In the words of IDC Analyst Krista Napier: “The results are in, and they don’t look good: many Canadians are not practicing safe mobile security. But it’s not because they don’t think it’s important, it’s because they are unsure how.”
So how can business leaders ensure that users not only get the personalized, productive experience that they desire but do so in a manageable and secure way? They want to allow mobility and BYOD, but need to manage risk and maintain compliance and security in the face of cybercriminals.
The solution is to address the most significant issues facing a company’s mobile security: the maturation of mobile platforms and the growing use of mobile applications.
As mobile devices mature and perform more like traditional desktop and laptop computers, it becomes easier for criminals to design malware for them. This issue is amplified by the use of mobile applications and devices on unsecured, free wireless networks.
The reality is that while an organization’s security team is grappling with the “any-to-any problem” (how to secure any user, on any device, located anywhere, accessing any application or resource) employees may be putting your data at risk every day.
So what is the solution?
Watch our recent webcast on Keeping up with Secure Mobility.
To meet today’s security challenges head-on, organizations need to examine their security model holistically. In 2013 we reported unprecedented growth in mobile malware threats against specific devices, and these attacks figures are going to increase.This number will climb as mobile malware emerges as a logical area of exploitation for cybercrime.
Before an attack, business leaders must work with IT to institute a formal program for managing mobile devices to ensure that any device is secure before it can access the network.
Many organizations also unknowingly create the potential for a security threat if an employee’s device is lost or stolen, and not secured. Attackers can access intellectual property and other sensitive data through these lost and unsecured devices. Every IT organization should enforce a personal identification number (PIN), an automatic timeout lock, and have the ability to remotely wipe a device if it is lost or stolen. Encryption is also highly recommended as it helps to secure data at rest, and choosing and enforcing minimum operating system (OS) versions helps to limit exposure to known exploits.
Additionally, business leaders need to be aware of how to protect their data beyond mobile devices. And let me be clear – this is not just a concern for IT leaders. When data is stolen, corrupted or lost the entire organization is impacted, and it’s time for business leaders to take notice.
Make sure you are aware of what is on your network – devices, operating systems, users and applications, among others – as that will determine your security strategy and mobile processes. And if an organization is attacked, it is vital to have a formal plan in place that will allow it to determine the scope of the damage, contain the event, remediate and bring operations back to normal as soon as possible.
I encourage you to discover which security solution is right for your business and watch our recent webcast on Keeping up with Secure Mobility.