The mobile phone is used everywhere both personally and professionally. Many organizations have policies BYOD, which allow and encourage employees to use their own personal cell phones at work.
A recent report examines the use of mobile devices in corporate networks and the dangers of mobile malware. The report also provides advice on protection organizations from mobile malware and threats.
The report also cites the findings of previous studies. One of them discovered that 80% of employees use their personal mobile phones for work and another found that the 70% of businesses allow employees to bring their own devices to work.
At the same time, malware is constantly growing (750 million malware in more than 10 billion attacks). Mobile malware makes up a small percentage of this total, however it may be very dangerous because they can access sensitive people information.
In particular, credit card data, personal information and more can be obtained through applications Software-as-a-Service (SaaS) used in mobile phones.
Mobile devices can open the door to many threats that are mainly related to mobile malware.
Most mobile devices have one large number of applications, including email, SaaS-based applications, cloud storage, social media, games and news applications.
The more applications there are, the more updates are needed, and the more accessible protocols there are. In addition, the more time the user spends on the device, the greater the risk of infection from some mobile malware or other threat.
More attack opportunities
The growing number services cloud on mobile devices can give more opportunities for theft data or for unauthorized access to sensitive information.
Attackers use various ways to infect employees' devices with mobile malware and gain access to corporate networks.
Mobile devices are equipped with certain features such as cameras and microphones that can be easily exploited by hackers for malicious purposes. A compromised cell phone can be used to take photos, sensitive documents, presentations, etc.
Personal vs professional use
Users can easily combine personal and business contacts and other information. This means that mistakes can be made, such as sending sensitive corporate data to the wrong person or post on personal social media.
In order for organizations to be protected from mobile malware and related threats they must follow the following tips:
1. Limit the use of personal cell phones
One of the most effective ways to protect the work environment is to limit the use of personal cell phones for work-related purposes.
2. Monitor the network
Be sure to use network detection and response (NDR) solutions to analyze mobile traffic.
3. Check BYOD policies
Make sure BYOD policies are strict enough. It should be clear which applications are allowed and which are not and how to use them properly.
4. Mobile device management
Implement strict policies for Appliances. Make sure there are policies that lock devices, secure VPN access, etc.
5. Multi-Factor Authentication (MFA)
This method of protection is very common and is necessary as an extra barrier for hackers.
6. User training
Users are the first line of defense. Training must be regular, because hackers and creators of mobile and other malware are constantly improving their methods.