In recent years, it seems most of the focus of cybersecurity attacks have been on large companies like Yahoo!, Banner Health, Citibank and even government entities like the FBI and the U.S. Department of Homeland Security. With all the focus pointing at such large organizations by hackers, it must mean that small businesses are relatively free from attack, right?
Actually, that is not the case at all and hackers are now turning their focus to the humble mobile devices that almost everyone carries. The fact that more and more individuals either use their personal or company-issued mobile devices for work-related processes has not gone unnoticed by hackers and thieves. According to the security firm MobileIron, hackers have gone beyond simple data extraction from mobile devices to simply taking over these vulnerable devices. Unfortunately, companies seem to make it easy for this to occur. For mobile devices worldwide, the adoption rate for the use of anti-malware protection is a paltry 5% and at least in the healthcare industry, almost 50% organizations have at least one missing mobile device.
So what can small businesses do to ensure their organizational data is safe? Companies need to decide if they will accept the use of BYODs (bring your own devices) for corporate interaction by employees or if they want to switch to all company-issued devices. Obviously if they go to all company-owned devices they will have greater control over vital operating system updates and the use of anti-virus and anti-malware software. They can also plan to have a system in place to keep tabs on all devices and a mechanism that will allow them to shut down the device in the event of theft, retaliation from a former employee or a cyberattack.
If they choose to have a BYOD policy instead, they can still advocate for things like strong passwords and using a good quality anti-malware and anti-virus software package, but less device control means increased vulnerability.
For more information on how to protect your organization from mobile security threats, please contact us.