When Google released Android 4.2 in November, many people cheered the announcement of a new security feature called “application verification service.” The service, which scans app downloads for suspicious code, was purported to bring the Android marketplace closer to Apple’s model for security. However, a new study claims the Google AVS is only effective in stopping 15% of known malware threats. This is a scarily low number for IT departments who have been grappling with enterprise mobility security and the increase in BYOD initiatives.
BYOD, or Bring Your Own Device, refers to companies who allow their employees to use and access company networks and information using their own mobile phones, tablets, or laptops, rather than company owned and managed devices. This setup, while especially attractive to employees who like to purchase the latest tech gadgets, can present a lack of control for IT departments concerned with security. A smartphone infected with malware could potentially be used to capture sensitive corporate information. A lost or stolen tablet without the proper security could potentially be used to access secure corporate networks.
IT departments, if they haven’t already, need to make enterprise mobility policy their top priority for the new year. The first decision will need to be whether to employ BYOD, or if company issued devises would be more beneficial for the company. While some industries, such as stock trading, still lend themselves towards the latter, most IT researchers believe BYOD will become the norm. In determining policy, Gartner IT advisors recommend, “Enterprises should focus on mobile data protection (MDP), network access control (NAC), and mobile device management (MDM) tools to support their BYOD and new enterprise mobile platform efforts.” Mobile data protection means using a secure mobile data transfer solution such as EFT Server to let users conveniently and securely access sensitive data. A solution like this also maintains control over network access though encryption, authentication, and detailed reporting. Mobile device management means that IT departments should be prepared to manage and support a wide range of devises from smartphones and tablets to laptops. Employees who purchase these devices may not have the skills or knowledge necessary to use or set them up properly, so it is in the best interest of corporate IT departments to educate and support users on best practices for safety and security. Companies will also want to plan for decommissioning, or wiping clean, old devises when new purchases are made. Employees need to know what to do to make sure company data is removed from the phone before passing it along or turning it in for recycling.
The amount and types of mobile malware attacks have increased exponentially in the last couple of years. This trend is fueled in part by the increasing popularity of BYOD. The information currently stored and accessed by mobile users is tantalizing to criminals who exploit weak security to reach contact information, passwords, bank account data and much more. Make sure your company has a strong enterprise mobility plan in place. Educate your workforce on proper security protocol. Keep up with the latest data and best practices to keep your corporate data secure.
4 Comments
Leave a Reply
Cancel reply
Leave a Reply
This site uses Akismet to reduce spam. Learn how your comment data is processed.
daniella
January 15, 2013 at 1:47 pm
Definitely an excellent post. I am quite very happy that i found this informative article. Thanks much
Fran
February 14, 2013 at 5:08 am
this makes me nervous about banks. some person not knowing could let malware into bank computer and let thousands of peoples information be stolen. maybe compaines have to have seperate cell phones and not let people download aps or find more secure phones.
Rajib
March 4, 2013 at 8:50 am
A valid post, as the smartphones become more and more popular they are being targeted by hackers and malwares to seatl private and compacy secrets. BlackBerry 10 has introduced BlackBerry Balance to keep separate profiles in the same phone one for private use and and another profile for workplace. This prevents valuable workplace information getting stolen by malwares. We will have to see if Google also adopt to this policy in their new OS update.
piyush wadhwa
April 13, 2013 at 11:52 am
Everyone likes to bring their cool gadgets to work, so Google must do the same thing as blackberry did with their latest operating system, separating the workplace and personal usage of smartphone thus providing more security