As much as things change in technology, one thing stays the same: Hackers are in business to create havoc.
From a mobile OS perspective, Google Android reports the most smartphone viruses. But in the last several years, Android has improved its security architecture.
Android has many different OS versions in the marketplace, as users generally keep Android phones longer and have phones with older OSes. Some people assume that this enables attackers to use old hacking techniques without learning workarounds for the newer OSes that do a better job of blocking ransomware. Although this is true, recent Android OSes, such as Nougat, make it difficult for attackers to launch smartphone viruses.
Methods to increase security have not changed in the last several years. IT pros can avert smartphone viruses by deploying enterprise mobility management (EMM). By containerizing the threats and creating the right security policies, IT can reduce or eliminate smartphone viruses attempting to reach company data.
Policies should enforce two-factor authentication and specific password lengths, and should limit what webpages users can view through their browser. OS updates may contain important security updates, so IT should use EMM tools to enforce OS updates; if a user doesn't update the OS, he or she will lose enterprise mail and calendar privileges.
File-sharing applications can be vectors for malware, so IT should employ a secure cloud storage option, such as Box or Citrix ShareFile. If users access a personal file-sharing platform on which they also store corporate files, any malware that affects their personal files could infect their business resources. Organizations should make it easy for employees to access and work freely with the provided platform so users will have little reason to explore cloud products that may risk company data.
Internet of things devices are still mobile endpoints susceptible to malware, and the largest vulnerability may be remote employees' personal assistant speaker devices. These devices are always collecting data, so they can expose company information and personally identifiable information. EMM providers are developing products to manage this exposure, but, in the meantime, users should just unplug their devices when they conduct business at home.
Dig Deeper on Enterprise mobile security
Related Q&A from Matt Schulz
Learn about the history of OAuth and Apple and how iOS 12 changed the game for authorization. There are a few things to be wary of, too. Continue Reading
Users may not hesitate to connect to a mobile hotspot, but that doesn't mean IT should always allow it. Learn what threats these hotspots pose and ... Continue Reading
There are a variety of factors to evaluate when determining the true cost of mobile devices in an organization. Unpack these factors to find the TCO. Continue Reading