In the TV show 30 Rock, comedy writer Liz Lemon writes a sketch that spawns the catchphrase, “That’s a deal breaker, ladies!” The phrase refers to anything a partner might do that could automatically end a relationship. For example, if a man wears a football jersey to a wedding, that’s a deal breaker.
There are a lot of mistakes users and IT can make that are deal breakers when it comes to keeping mobile apps and data safe. The following are five surefire signs it’s time to “shut it down” and come up with a new mobile security plan.
1. Users don’t have passwords. Without a password — or if users repeat passwords — anybody can access corporate data on company-provided or personally-owned devices. Admins must require users to have passwords and set minimum complexity requirements so the passcodes are harder to crack. They should also make sure users have different passwords for all the apps and devices they use.
2. Users grant apps unnecessary data access. When users download apps from a public app store, they can give them permission to access certain data. If an app requests access to other apps’ data that it doesn’t need to do its job, it may be attempting to infect that app or device with malware. IT should educate users on the type of information different apps should be allowed to access.
3. IT allows sideloading. Sideloading is when users download apps outside of their device’s native app store, often without IT oversight. Android users simply check a box in the system settings to allow sideloading. With iOS, users have to jailbreak their devices to sideload apps. To prevent the security risks that come with unapproved apps, IT should require anti-malware on all Android devices and ban jailbroken devices.
4. Admins overlook iOS vulnerabilities. Android is the major focus when it comes to malware, but iOS is also susceptible to attack. Surveillanceware, for example, can bypass the Apple App Store and exploit app provisioning. IT should make users aware that iOS devices are not impenetrable and consider extra security measures for these devices.
5. Apps and OS versions aren’t up to date. Operating system updates come with security updates, so any devices running outdated OS versions are more vulnerable to attack. App updates equal security updates, too. IT admins must make sure they or the users update mobile apps and OSes regularly; they can even set policies that require minimum OS versions on devices employees use for work.
The talk show Liz Lemon scored in the wake of her deal breaker sketch may have gone up in flames, but if IT admins avoid these five mobile security deal breakers, their companies’ security won’t.