In our last blog we spoke about the dangers of cyber-attacks, and how they are an issue at both a corporate and a personal level. This leads us onto an important question...How do you protect yourself against possible cyber-attacks on your mobile devices?
Knowledge is power.
It’s more important than ever to be aware of the risks - this is something that’s been front of mind in the business arena for some years, but the consumer market is playing catch up. All those devices you have in your home - Alexa, Google, SMART TV and even your Ring doorbell - are all connected devices that should be treated with the same stringent approach to security as your employer does your corporate device.
You’re only as strong as your weakest link...
And your weakest link is every app or touchpoint on your mobile device. According to White Paper by Mobile Iron, called 'MobileIron Threat Defence: Detect and remediate against mobile phishing attacks', 90% of breaches start with a phishing attack. Combining the fact that over 96% of mobile users have communication or social apps on their phones, it’s very clear that when both individuals and organisations sacrifice mobile security, this puts everyone at risk.
Who owns your mobile security?
We all do, whether on a BYOD or Corporate device. This is where we return to the concept of knowledge being power - the more aware we all are as individuals, the more we can take decisive action to protect ourselves.
Some organisations take this very seriously. For example, we recently spoke to Kerry Mavrides, Head of HR at Jardine Motors Group, who told us “We adopt a 360-degree approach to mobile security at Jardine Motors Group, encouraging every member of staff to take an active role in the security of their devices. We believe it’s the most effective way to deter breaches such as phishing attacks so that we not only ensure the safety of our organisation, but of each individual person too. We run regular education and testing programs with all of our employees’ multiple times throughout the year, to ensure that safety is always front of mind for each and every one of us”.
It’s the easiest way to break into any corporate environment, and many of us are guilty of adopting a sloppier approach to password hygiene than we should. Just a couple of months ago clothing retailer The North Face were forced to change a number of customers’ passwords after hackers were able to conduct a successful credential stuffing attack. Incidence of hackers capitalising on weak password hygiene are increasing, and with a recent report suggesting that more than 99% of us reuse passwords across multiple accounts, it’s more important than ever to stop doing so, and stop immediately.
Phishing attacks make it easier to hack a password, as does our prolific use of the likes of Microsoft teams - and attacks have been growing by around 26% year on year, and are expected to double in 2021.
The top tips for password hygiene are:
- Enter passwords so other people cant see your keyboard or screen
- Update or change passwords regularly
- Ensure you adopt high security standards with every password including:
- A minimum length of 12 characters
- Containing upper- and lowercase letters
- Containing at least one number
- Containing at least one symbol
- Avoid sequences e.g. 123
- Avoid words and places identifiable to you e.g. hometown, kids’ names, sports teams
Mobile Device Management (MDM)
The world of MDM has evolved from tools that manage mobile devices, mobile users’ data, and some basic mobile application controls into Unified Endpoint Management (UEM). This offers much more granular control of devices and incorporates desktop management including desktop operating systems, apps and data. Many of the big players are now offering users a degree of device management as part of their service, for example, Microsoft is making their Endpoint Data Loss Prevention (formerly Intune) user management tool available free on general release to customers. This aims to make devices much more secure.
However, a word of caution...
There’s a real danger of consumers being lulled into a false sense of security by believing that because they use the MDM software that’s available for free from the big players, they’re covered. It’s worth noting that there are some security gaps that the free MDM software simply cannot fill. You very much get what you pay for…
The Charterhouse Value Add
Charterhouse are experts in Mobility Management with over 20 years’ experience, we will help you devise a strategy that best suits your organisation, from Company Owned Devices to BOYD.
Charterhouse can support all of this activity from planning to fully managed implementation so end users feel more secure, both personal and corporate data will be better protected.
Our role is to enable you to run your business and enable your communications solutions to run professionally without any intrusion into your day job.
If you’d like to know more please register for our upcoming mobile security webinar, or speak to the team to learn more...