5 Key Risks for Workplace Mobile Device Security

The rising tide of a mobile workforce is an indication towards the fact that employees just don’t bring their devices to their workplaces – they literally live on them. In a survey conducted by Pew Research, smartphones were the first thing 62% millennials reached out to in the morning while 44% responded to keeping their devices next to them at all times. The increasing smartphone and mobile devices adoption is becoming a barrier to effective implementation of security breach responses. Smartphones today are capable of doing so much more compared to the earlier mobile devices that this aspect has opened up new avenues of security breaches by cyber attackers.

Security attacks have been commonplace as mobile devices are an easy target for the attackers. Here, we identify five key areas of threats posed to a mobile device, which are simply the retargeted versions of threats and attacks aimed at other endpoint devices.

1. Malicious Codes:

Socially engineered through text messages or mobile apps, malwares take advantage of normal human behavior to trick them into believing whatever the hacker / attacker sell. A few of the prolific malware examples include rogue applications, spam and weaponized links on social media applications. Android devices are the largest targets for malware with 5768 malware attacks per day over 6-month duration, as substantiated by CYREN Security Report for 2013. However, this does not mean that iOS devices are immune to such attacks.

2. Physical Access:

The extremely lightweight, small and portable nature of mobile devices, in addition to making them ideal travel companions, make them easy to lose or prone to embezzlement. Even the most stringent from of security on the device or the smartest intrusion detection system will fail to secure a device from anyone who has “physical access” to it. For seasoned attackers, circumventing a password or even accessing encrypted enterprises data would be the most trivial task on earth. An Android or iOS app development company has to make its mobile workforce aware of the complexities associated with the BYOD phenomenon.

3. Communication Interception:

The smartphones or other mobile devices facilitate connectivity to the Internet via Wi-Fi or other networks on the move, making them susceptible to attacks like Man-in-the-Middle or identity thefts. Data security for enterprises that use and allow Wi-Fi hotspot services is extremely high.

4. Device Attacks:

These types of attacks are aimed at either gaining control of the device to access data or to attempt a DDoS (Distributed Denial of Service) attack. Additional services like buffer overflow exploitations, browser-based attacks, text and multimedia messages can initiate device attacks, similar to that of PC attacks.

5. Internal Threats:

Many a time, enterprises fail to take into account the threats posed from within the organization itself. The smartphones can be a medium of misuse or misappropriation of data as malicious insiders can transmit corporate data via email to external accounts or even download large volumes of it to the flash memory cards.

Ironically, although enterprise mobility has opened up new avenues of enhancing workplace productivity, cell phones are still viewed as the highest workplace productivity killers. Besides, the Android devices have a higher rate of adoption at the workplace, as referenced from the number of Android device users that stands at 53% of the total mobile users. As such, Android app developers can strive to write codes for enterprise applications that enhance security to some extent.