Guarding the gateways: A deep dive into mobile device security
by Leigh Taylor, Head of Cyber Defence
Over 90% of people worldwide have a mobile device, and more than half of internet traffic comes from mobile users. This makes smartphones a big market for developers and marketers who want to reach millions quickly. Unfortunately, it also means you’re at a higher risk from cyber criminals trying to get to your information.
With the increasing frequency of data breaches, it’s crucial for organisations to put in place checks and processes that guarantee the application of security standards throughout the entire company, including all mobile devices and endpoints. Taking a proactive approach not only improves the organisation’s overall security stance but, more importantly, acts as a preventive measure against potential data breaches.
Within this blog, we’ll explore the impact of data breaches stemming from unsecured endpoints and discuss the precautions you can adopt to steer clear of such breaches.
The hidden risks of unsecured mobile devices
When it comes to endpoints, mobiles and indeed many corporate-owned IT assets are some of the least regulated tools employees use. They are often overlooked even though they store just as much sensitive information as laptops and desktops.
Mobile devices typically make up around 60% of an organisation’s endpoints, all with the capacity to access millions of confidential and sensitive company files. More than 40% of data breaches trace back to unsecured endpoints. Unsecured endpoints—such as tablets, laptops or smartphones—can become access points for hackers attempting to start an attack within a company’s network, such as mobile ransomware and operating system (OS) exploitation. Company-owned mobile devices access valuable corporate data on a daily basis and must be secured to prevent a data breach.
Tracing the wider impact of a mobile attack
In 2021, a Swedish company specialising in radiation services and supplying related data equipment faced a data breach impacting nearly 200 patients’ health records. The breach occurred when hackers targeted the company using a mobile ransomware attack on one of its devices, exploiting insufficient security measures for almost three weeks.
As the company is a third-party service provider used by various US healthcare providers, the data breach’s impact also extended to its partners, demonstrating how wide-ranging an effect an attack can have, not only on the intended target but also on its supply chain.
Best practices for endpoint and mobile security
Users need to be able to access company data and information remotely, so enabling mobile access is a top priority for most organisations. But it’s not as simple as providing users with a device and letting them log onto their email client of choice or use their own device at work.
Striking a balance is essential – ensuring a straightforward onboarding process for end users while guaranteeing they can complete their tasks and access company information securely.
Here are our 6 mobile security best practice tips to help you keep your mobile devices secure:
- Enforce security compliance controls on devices
Using Mobile Device Management (MDM), you can make sure that all your devices have security controls installed. Some of the more common controls include single sign-on, block lists, enforcement of updates, data loss prevention (DLP) and device wipe capability.
- Implement multi-factor authentication (MFA)
Putting in place MFA makes it more difficult for hackers to access your company information and corporate databases. MFA adds an extra layer of protection for endpoints, reducing the chance of unauthorised access.
- Encrypt your data
If data is encrypted, you prevent criminals from accessing or viewing sensitive corporate files if the phone is lost or stolen.
- Keep software up to date and perform backups
One of the best ways to fight malware is to ensure that all managed devices are fully up to date with the latest malware protection. Performing regular backups on company devices also reduces the possibility of data loss.
- Establish a process for handling all corporate-owned IT assets
Recycling or reselling mobiles or other devices without destroying the data can leave you exposed to threats. All data should be wiped following the NIST 800-88 data destruction standard. If the device is lost or stolen, the IT team need to be able to destroy data remotely.
- Educate your end users
Your employees and end users are your ‘human firewall’. It’s important to train them and keep them informed on current threats and vulnerabilities.
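The device-level tips above (compliance controls, MFA, encryption, updates and backups, remote wipe) can be turned into a repeatable check. The sketch below is an added example, not Resillion's or any MDM vendor's code: the inventory format, field names and policy thresholds are assumptions, and the sample devices are constructed.

```python
import json
from datetime import date

# Constructed sample of an MDM inventory export; every field name is an assumption.
INVENTORY = json.loads("""[
  {"id": "ph-001", "platform": "ios", "os": "17.4.1", "encrypted": true,
   "mfa_enrolled": true, "remote_wipe": true, "last_backup": "2024-05-28"},
  {"id": "ph-002", "platform": "android", "os": "13", "encrypted": true,
   "mfa_enrolled": false, "remote_wipe": true, "last_backup": "2024-05-30"},
  {"id": "tb-003", "platform": "ios", "os": "17.4", "encrypted": false,
   "mfa_enrolled": true, "last_backup": "2024-05-01"}
]""")

# Hypothetical policy thresholds; set these from your own security standard.
POLICY = {"min_os": {"ios": "17.4", "android": "14"}, "max_backup_age_days": 7}

def version_tuple(version):
    """Pad to three numeric parts so '17.4' and '17.4.0' compare equal."""
    parts = [int(p) for p in version.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def evaluate(device, policy, today):
    """Return the list of policy failures for one device (empty = compliant)."""
    findings = []
    minimum = policy["min_os"].get(device.get("platform"))
    if minimum is None:
        findings.append("unsupported platform")
    elif version_tuple(device.get("os", "0")) < version_tuple(minimum):
        findings.append(f"OS {device.get('os')} below minimum {minimum}")
    # A missing attribute counts as a failure: the check fails closed.
    for field, message in (("encrypted", "storage not encrypted"),
                           ("mfa_enrolled", "MFA not enrolled"),
                           ("remote_wipe", "remote wipe not available")):
        if device.get(field) is not True:
            findings.append(message)
    backup = device.get("last_backup")
    limit = policy["max_backup_age_days"]
    if backup is None:
        findings.append("no backup recorded")
    elif (today - date.fromisoformat(backup)).days > limit:
        findings.append(f"last backup older than {limit} days")
    return findings

def audit(inventory, policy, today):
    """Map device id -> findings, listing only non-compliant devices."""
    report = {}
    for device in inventory:
        findings = evaluate(device, policy, today)
        if findings:
            report[device["id"]] = findings
    return report

if __name__ == "__main__":
    for device_id, findings in audit(INVENTORY, POLICY, date(2024, 6, 1)).items():
        print(device_id, "->", "; ".join(findings))
```

Treating a missing attribute as a failure matters in practice: a device that never reported its remote-wipe or encryption status is flagged, not silently passed.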
Once you’ve implemented and actioned all the steps above, sitting and waiting for an attack to find out if your strategy is working is high risk. This is where 24×7 Managed Detection and Response (MDR) comes into play. With MDR, security breaches are quickly identified and isolated. This continuous monitoring service, operated by cyber security experts, uses advanced technology and analytics to detect and respond to threats in real time, round the clock. It’s not just about having tools in place; it’s about having a dedicated team that’s always vigilant, analysing and responding to threats before they can escalate.
In addition to MDR, you should run regular security audits and hire external parties to conduct penetration tests to identify any weaknesses in your defences. Trial smishing and phishing campaigns can be instrumental in assessing if your employees are well-prepared to recognise and respond to these threats. These campaigns also test the effectiveness of your communication and training, confirming if you have the right processes and tools in place for them to report suspicious instances.
By combining proactive measures like MDR with regular testing and employee training, your organisation can establish a robust security posture that not only prevents breaches but also minimises their impact should they occur.
With Resillion’s comprehensive security suite, including our remote access, mobile device management solutions, and the vigilant 24×7 Managed Detection and Response service, you’re equipped to regularly review device policies and stay ahead in the ever-evolving threat landscape. Our solutions offer centralised management of devices, ensuring they are always updated with the latest security patches and software upgrades. The MDR service enhances this by providing continuous monitoring and rapid response to any threats, thereby reinforcing your organisation’s cyber security framework. Additionally, we fine-tune your device configurations to align with your company’s security policies and enforce regular password updates, ensuring a robust security posture at all levels.