6 Mobile Device Security Myths

At a time when cyberattacks are flying at our devices left, right and centre, it can be easy to believe preconceived notions about the security of our mobile devices. That’s why today, Team Serbus dispels 6 of the most common mobile device security myths.

Reality Check Road Sign

Myth 1. Mobile phones don’t need antivirus software

In this day and age, mobile phones have some of the most critical security vulnerabilities. They are with us all the time – this makes them a more susceptible target for hackers to attack. Near enough all of us own a smartphone that we use to manage all of our essential communications, data and information, flight information, work emails, viewing data or spreadsheets, posting to social media, even the apps and games we download to pass the time on the tube, or create collages for our Instagram posts. Threats come easily via un-secure applications and software updates that are left uninstalled creating gaps in device security.

There are a number of phone anti-virus software available in today’s market that can offer app scanning technology, reducing the risk of breach and device compromise from apps with viruses, spyware and other threats. In the present day, we have a responsibility for the personal protection of our data to ensure we are protected to the best of our ability from app-borne threats from the online world.

Myth 2. BYOD is not an effective security solution

Mention BYOD to many information security professionals and they’ll tend to avoid the idea. For IT teams, there is an extensive challenge when it comes to BYOD – devices used for both personal and work purposes – in that they are the main responsibility of the user. Yet a BYOD arrangement can be easier to manage on behalf of IT teams if it is maintained with the proper protective controls and a cohesive and thorough policy understood and respected by a trusted user. For those teams that are larger in size, an enterprise mobile management solution could be more pertinent.

Ultimately, as a business, you need to understand the requirements of your organisation, and understand the nature of the data at risk in the event of a compromise, in order to ascertain the precise parameters for remote working access to the company network.

Myth 3. I can’t keep business devices safe if I allow employees to take them home

Not true. Again, this comes down to the policies your organisation has designed around remote working. Employee devices with remote access can be secured and used from home if the proper tools have been installed on the trusted device. This could be the strict use of a secure voice and messaging application only for business communications; the requirement of a company VPN for secure online access and browsing; a solution that allows your IT team to centrally manage the device from their location in the event of an immediate emergency.

Myth 4. Smart accessories are secure if they’re being used at work

The average IoT device experiences 5,200 breach attempts per month (Symantec). Increasingly over the past couple of years as they have grown in popularity, smart accessories have presented another vector for hackers to exploit. Just like an unauthorised device connecting to the business WiFi or network, because of a smart device’s interconnectivity, more avenues open up that IT teams must protect from cybercriminals. Lack of updates become one of the key causes of critical vulnerabilities to these devices, usually due to user-presumed safety. After all, who expects their next breach incident to come via their smart TV or wireless printer? It seems like something you’d only see on Doctor Who.

Myth 5. I can’t do a thing if a mobile device is stolen or lost

In the UK alone, it’s estimated that 446,000 handsets are stolen per year, which accounts for around 1,222 per day. A recent survey has also found that 25.3% of serious data breaches in the workplace were caused by mobile phone loss (SwitchedOnInsurance).

For work devices that have been properly setup with the right mobile security tools, remote management of the device will allow your company’s IT team to wipe and reset any phone or tablet that has been compromised by theft or loss. Sadly, this does not mean you get the device back, however when you weighted up with the potential cost of a breach because that device has not got a remote wipe option, and data is the compromised, the resulting costs will be far less if a breach incident is strangled before given the chance to occur.

Myth 6. Mobile security solutions don’t protect employee privacy

The way in which the majority of mobile device management solutions work is by installing agents to enable software communication between devices. These do not allow employers or administrators to monitor the information or processes being carried out on connected employee devices.

Access that is granted to IT teams and the device administrators is crucially limited to security, allowing the operators to perform critical updates to device software, and consequently enabling employee data to remain respected.

Are you looking for assistance with your organisation’s mobile device security? To find out more about how Serbus can assist in securing your remote workers and ensure an advanced level of protection on your devices, get in touch today by emailing [email protected], or call our office on +44 (0)1432 870 879.