But with those advances and productivity comes a plethora of security risks, creating huge security challenges for the company. Hackers and malware creators target devices in order to launch a larger attack on corporate networks, with the intent of accessing and stealing sensitive information.
Mobile devices have become the new attack vectors and are even getting hit by a much more sophisticated attack known as APT (Advanced Persistent Threats) intended to steal corporate data. Malware targeting mobile devices is growing fast, increasing as much as 614 percent in 2013, according to Juniper Networks.
Sadly, though, many companies these days not only do not manage their mobile security risks, they don’t even manage mobile devices. There’s a great need for better control over the devices that connect to their networks if they want to keep a tight control over corporate data. This also means taking a proactive role over mobile devices and getting the company to lead the acquisition of devices within the enterprise.
Guidelines for Securing the Mobile Enterprise:
- Understand mobility risks and solutions
- Companies should have a mobile device security policy.
- Acquire enterprise-grade Enterprise Mobile Management solutions.
- Companies should fully secure each company-issued mobile device before allowing the user to use and access it.
- Companies should have a plan in place for lost, stolen and compromised mobile devices.
- Companies should develop a threat modeling system for mobile devices and resources that are accessed through the mobile devices. Good security always starts with creating effective threat modeling.
- Companies should regularly maintain mobile device security. Always check for upgrades and patches, acquire and test them.
- Implement and test a mobile device solution before putting the solution into production.
- Control Third-Party apps.
No comments:
Post a Comment