Mobile devices are a way of life these days. According to Pew Research, 81% of Americans own a smartphone, and more than 50% also own a tablet device of some kind. We’re getting so accustomed to carrying our devices everywhere that many of us don’t think twice about using them for work as well as personal activities. But how are these mobile devices impacting network security?
The Drawbacks of Mobile Devices at Work
There are pros and cons of mobile devices in the workplace. Some organizations are concerned that these devices can be a distraction. However, more often than not, mobile devices can be a boon to productivity and customer service. These days, when you ask a store clerk if they have an item in stock, they’re very likely to look up the answer on a smartphone, probably their own.
But do mobile devices pose a threat to your IT security?
There’s no other way to say this: Yes, they do. One of the biggest challenges, particularly with mobile devices such as smartphones and tablets, is the risk of their data being stolen. While the devices themselves are easy to replace, they can be used as an inroad to your primary systems and data. (The risk gets even worse when your staff doesn’t notify you right away that the personal device you authorized to gain access to internal systems has been stolen.)
In addition, the devices themselves may contain sensitive data, e.g., when a sales rep collects payment information in a mobile sales environment. But even if your employees only use their devices to access their email, there still may be sensitive information on that device because not enough people heed the warnings against sharing personal info over email.
Can the data on mobile devices be encrypted?
Of course, but for one reason or another, it often isn’t. If the device is a personal one, encryption rules can be harder to enforce. Or, your encryption protocols may not be followed as well as you think. This was the case for a hospital system in Illinois. They routinely encrypted their mobile devices but had a technical issue with the latest version of their encryption software. As luck would have it, that’s when one of their laptops was stolen.
IoT Increases Exposure
It’s not only mobile devices that present a risk to your systems and data. The number of devices used in industry is expanding rapidly. In manufacturing alone, the IoT (Internet of Things) is expected to see an annual compounded growth rate of 40% for the next seven years.
Mobile devices aren’t just the autonomous robots that get talked about in the latest tech blogs. They include everything from the security camera that’s wired into your network to the minimally intelligent environmental controls in your office that you can access from a smartphone app.
Malware such as Mirai can be used to infect these devices by exploiting the factory-set passwords that companies often don’t bother to change. As Paul Mazzucco, our Chief Security Officer, said in a recent interview, “Mirai made it abundantly clear that the IoT botnets were not going to just attack home devices with minimal security. Hackers were going to go after industrial devices as well and in a big way.” Read more from our interview with Paul.
Double Your Line of Defense
Banning devices from your business isn’t an option anymore. Not unless you want to fall woefully behind your competitors. So, to answer the threat posed by mobile devices in the workplace, you need to strengthen your IT security defenses.
There are two points where this needs to happen. Your first line of defense is the devices themselves. It’s a little harder to control personal devices that employees bring from home, but make sure everyone understands the importance of IT Security, including strong password management, keeping the system OS updated, and notifying IT when a device has been stolen.
You’ll also want to strengthen your network security so you can detect and quarantine potentially malicious traffic. In some cases, this involves bots to sniff out intruders. In other cases, it involves monitoring tools that allow your employees to detect something that seems unusual.
Learn how your business can benefit from Office 365 and EMS
If your organization relies on Microsoft products, two of the most valuable weapons in your IT security arsenal should be Microsoft Office 365 and Enterprise Mobility + Security (EMS). Understand how these tools can be used to protect your systems and data from common security threats by downloading our new eBook – An IT Hero’s Day: Leveraging Office 365 and Microsoft Enterprise Mobility + Security (EMS) from stolen devices to company mergers.