When your business depends on response speed, access to your corporate information, or at least to your e-mail, on the go is a must. However, more access brings more threats. That is why it is rational to assess risks and have a well-thought-out protection strategy before adopting mobile device usage at work.
Mobile devices: A moving target
An employee’s mobile device is an interesting target to a broad array of cybercriminals. Some are looking for corporate intellectual property (and according to our “IT Security Risks Survey 2018,” employees in 1 in 5 enterprises access corporate intellectual property using their personal mobile devices and tablets). Others think that your contact list is good loot — it can be used for spear-phishing attacks on your colleagues.
Those are rather exotic threats, but don’t forget about more widely distributed malware that doesn’t target a specific business. Last year, our systems registered 42 million attempted attacks on mobile devices. They included a variety of Trojans that tried to hijack social media and bank accounts, ransomware, and more. They may not sound as scary as targeted attacks, but they can cause plenty of harm, especially if the accounts in question are corporate ones. That situation is fairly common in the SMB sector.
The main problem with mobile devices is that they do not stay inside a company’s security perimeter. They can be exposed to unsecured public Wi-Fi or just be lost or stolen. When employees use the same device for both work and personal activities, more problems pop up. An employee might accidentally download a compromised application preloaded with a spying module or ransomware, for example. They might try to root or jailbreak their device and expose it to even more threats.
Some of the problems — unfortunately, not all of them — can be solved with mobile device management and enterprise mobility management solutions. To resist sophisticated malware, companies need an additional level of protection.
Countermeasures to corporate mobile threats
This year, Kaspersky Security for Mobile received an update and now includes machine-learning-assisted technologies with cloud-based threat intelligence mechanisms to bring threat prevention, detection, and remediation to mobile platforms and thus keep corporate information safe.
For example, Kaspersky Security for Mobile can detect if an employee’s smartphone or tablet is jailbroken or rooted (bad enough if the employee did it, but worse if done without their knowledge). Our solution also provides application control, Web traffic control, antiphishing, and antispam subsystems to corporate devices.
Kaspersky Security for Mobile integrates with Microsoft Exchange ActiveSync, iOS MDM, and Samsung KNOX platforms; and Kaspersky Security for Android (a part of this solution) is also compatible with VMware AirWatch and MobileIron. That compatibility allows your IT staff to configure and control security management for most widely used mobile devices.
Kaspersky Security for Mobile features are integrated into Kaspersky Endpoint Security for Business. You can try them by clicking on the banner below.