Cybercrime is a highly competitive, billion-dollar business. With so much of today’s business taking place online and on mobile, this means your devices are under attack and potentially offer attackers a fast route to undermine mobile enterprise security.
Cybercriminals are targeting wealthy countries with malware that can cripple any business. Looking back to 2017 and still remains one of the largest global ransomware attacks to this day, the WannaCry ransomware attack hit 200,000 users in 150 countries, locking corporate files and demanding a ransom be paid to decrypt their company data.
At this time, it was common for enterprises to allocate a fair chunk of their IT budget to desktop and server threat security – but next to nothing to protecting mobile devices.
Mobile enterprise security more important than ever
Despite the passage of time, numerous businesses have still failed to take heed of the message: If you have employees accessing company data or emails online using their smartphone or tablet you need a robust mobile enterprise security strategy. Without one, you’re vulnerable and exposing your business to risk.
In this blog, we identify five ways your mobile technology leaves you exposed, and offer advice to shore up mobile enterprise security:
3. Jailbroken and Rooted Smart Devices
1. App Exposure
Apps are incredibly useful in business, but some have the potential to do more harm than good. Many apps access services on your device such as your contacts and calendar without your knowledge or a clear reason. It’s also difficult to determine if an app is securing the data it stores or transmits.
To overcome this potential risk, it’s important to identify and mitigate security threats before they take hold using mobile threat applications, such as Lookout. For peace of mind, this technology detects which services the application is trying to access on your device, where your data is being sent, and if it is encrypted.
2. Location-based Services
One tactic favoured by today’s cybercriminals is using malware that is geo-targeted to a specific business, city, state or other demographic. Ransomware is also geo-targeted to access your data, encrypt it and demand that you pay for its release.
Many apps have access to location-based services for no reason, for example, the Flashlight app. In September 2019, Avast Security Evangelist Luis Corrons published a blog discussing some research he did on flashlight Android applications. He found that of 937 flashlight apps on the Google Play Store, 408 request 10 permissions or less, while 262 apps require 50 permissions or more. Two apps requested 77 permissions, and another three requested 76.
As Corrons says in his post, “The concern should not just be around the amount of permissions, but around what we give apps access to.” It’s good practice to turn off the location access for any apps that don’t have a specific need for it to minimise the risk of malware and ransomware attack.
3. Jailbroken and Rooted Smart Devices
Jailbreaking, or rooting, opens access to operating system files that are normally protected. Jailbroken devices can access app stores offering free versions of paid apps, but these often have malicious code added. Jailbroken devices are exposed to zero-day virus vulnerabilities, which can enable remote access.
Security products by Lookout or Zimperium make it easy to identify compromised devices, as well as many other device threats. Make no mistake, if you discover any jailbroken devices in your organisation’s mobile technology, they pose a serious threat to your security. Once identified, you need to restore them to their original factory settings or, at the very least, prevent them from accessing network resources.
4. Obsolete OS versions
Running multiple OS versions is costly to support and provides an increased opportunity for criminals to attack. Yet, all too often, end users access sensitive company data using devices with outdated OS versions with known vulnerabilities.
For example, security bugs exploiting remote vulnerabilities requiring no user interaction were being used to attack the iPhone via the iMessage client were iMessage client were patched with Apple's iOS 12.4 release. Versions prior to this release are still vulnerable to these security bugs allowing attackers to hack into victims' devices undetected.
This situation is easily avoided by auditing your mobile technology to make sure they’re all running on the latest OS. If this sounds like a lot of work, don’t worry, a good MDM platform will do it for you.
As part of the ongoing management of your mobile devices, it’s also important you have a system that alerts you as soon as new versions are released. And, make sure your enforcement policy for end users insists all corporate and workforce BYOD are all up to date and running on the latest OS.
5. Juice Jacking
There seems to be no end to the innovative ways hackers use to gain access to physical devices. Take juice jacking for example. It’s a cyber-attack with a difference.
The malware is installed onto a device when a user plugs into a compromised public charging station at an airport, train station or shopping centre. The malware downloads malicious code that then allows an attacker to download other vulnerabilities onto the device, providing access to corporate data and a backdoor into your network.
Ensure your enterprise mobility policies include educating your staff on the possible risks of device access threats, including using public charging stations, and advise them to plan ahead to avoid using them altogether when possible.
Ways to enhance mobile enterprise security
Although security threats to mobile technology are growing more numerous and more sophisticated by the day, there is now so much you can do to enhance mobile enterprise security, protect your devices, and keep your data safe.
You should have a policy that enforces the backup of individual users’ devices as well as your company data. Keep your OS and apps up to date and educate employees on malicious emails and SMS that enable zero day vulnerabilities to be downloaded. And any BYOD device needs, at a minimum, lock screen passwords and should be checked thoroughly for jailbroken devices and malicious apps.
Managing your mobile technology is complex, but help is available. Using MDM systems with Endpoint Threat detection apps will provide a high-level of security protection.
Mobile Threat Defence from organisations such as Lookout and Zimperium offer advanced threat detection capability and can also auto-remediate. For instance, it will sense danger and deny access to a known malicious public Wi-Fi access point if needed.
If you’re struggling to find the time, resources or expertise to protect your mobile technology, a Managed Mobility Service Provider can help you bring it together. We’ll work with you to plan and implement a mobile security strategy and make sure your mobile devices are protected now and in the future.
Struggling to manage your mobile fleet?
Do you have questions about securing your organisation’s mobile technology? We’d love to hear from you!
Original Post: 24 October 2019