Call (716) 373-4467
22May

Challenges of Securing in a Mobile World

Once upon a time, our most precious assets were confidently protected behind layers of security defenses. Cash was neatly stacked in a cast metal safe which was bolted to the floor of the building. Customer lists and bank records were locked in a filing cabinet and only accessible to the person who had the key. Human Resource records were protected by the shelter of the impenetrable HR office door.

Then, digital electronics revolutionized the typical business office. Instead of accessing records from a locked filing cabinet, employees now used computers to navigate a digital file system which contained an abundance of information – much of it considered to be confidential. The sensitive documents that were once tangible and secured behind a physical lock and key were now accessible in digital format and stored in the data network for end users to access.

Security controls such as passwords and file permissions were established to protect the confidential information in its new digital format. This was a time however, when computing devices were stationary and did not typically leave the confines of the physical office. Employees would report to the office for work, log onto their computer, and only then – be granted with access to confidential information. The data that companies treasured most rarely – if ever – left the building.

The same statement cannot be made today. Mobile computing devices are very popular and can be found in most corporate computing devices. Employees are no longer forced to work on a computer that is tethered to the floor beneath their office desk. Laptops and tablets have provided employees with the freedom and flexibility to work from just about anywhere. Mobile devices have also changed the corresponding security landscape too.

The Customer Lists, HR records and Bank Statements are now leaving the building.

The 2 Significant Risks Associated with Mobile Computing Devices:

People lose them and people steal them.

The most common item stolen by thieves is cash, the second is electronic devices. So, what happens when the hotel maid swipes your work laptop or tablet? Or, what if it’s accidentally left at a train station or airport?

The answer to both questions is simple: Someone now has a device that contains sensitive and confidential business information. Chances are that “Someone” is not a trusted entity at all. Many data breaches start with a stolen work device. The stolen property is then compromised, and the thief has the ability to use or sell the stolen data.

There is no doubt that mobile computing devices pose a real security challenge. We have grown accustomed to the elasticity they provide and it is unreasonable to think we will revert back to using the stationary computer we once used at our desk. Laptops and tablets are here to stay.

Human beings will continue to lose these devices and criminals will continue to steal them. Although we can fight to minimize these occurrences through effective awareness training, the reality is that we will not be able to prevent them all together. 

However, there are security controls you can put in place to help minimize your businesses risk when it comes to laptops and tablets.

 

Use a VPN

Free Wi-Fi may be a welcome site when you’re on the road, but it can also be dangerous. You don’t know who else is using that Wi-Fi. A hacker hanging out on the connection can easily steal your data if you’re not protected.

It’s better to use either your mobile carrier connection or a virtual private network (VPN) app. VPN plans are inexpensive and will keep your data encrypted, even if you’re on public Wi-Fi. It is highly recommended that VPNs are secured using Multi-Factor Authentication, this provides an additional layer of security against threat actors.

Visit our website here to learn more about VPNs and what factors to consider when choosing a plan.

 

Backup Your Data

Don’t lose all your work data with the device! Back up your devices to the cloud or local storage before you travel. This ensures that you won’t lose the valuable information on your device. 

Need help with a Data Backup and Recovery plan for your business? Contact us today or visit our website to learn more.

 

Restrict Privileges 

Local Admin Privileges allow employees to make adjustments to their work computers without the need for IT interference. This means that they can download programs, connect to printers, and modify software already installed on their computer.

This can be convenient, but poses a major cybersecurity risk.

If a device is stolen and the thief were to gain access to an account with local admin privileges, the damage could be endless. This is especially true for a business that is not utilizing security measures such as Multi-Factor Authentication (MFA) or Password Managers. 

Once a hacker has breached your computer they could download malware, spyware, or even ransomware. Resulting in computer files being locked, credentials being stolen, or even a virus spreading throughout your entire network.

Visit our website here to learn more about Local Admin Privileges.

 

Databranch Can Help

There are key digital solutions we can put in place to keep your business safer from online threats. Contact us today at at 716-373-4467 x115 or info@databranch.com to schedule a chat about mobile security.

 

Content provided curtesy of Cyberstone.

 

 

comments powered by Disqus
Administrative Privileges Annual Security Training Anti-Virus Authenticator App Backup and Recovery Backup Redundancy Breaches business continuity Business Email Compromise Business Phone System BYOD Call Directory Cisco Cloud Infrastructure Cloud Security Cloud Solutions Compromised Credentials computer support Computer Upgrades Conditional Access Cyber Attacks Cyber Criminals Cyber Insurance Cyberattacks cybersecurity Cybersecurity Breach Cybersecurity Training Dark Web Monitoring Data Backup Data Backup Solution Data Breach Data Breaches Data Privacy Compliance Data Privacy Regulation data protection Data Recovery Device Security Disaster Recovery DNS Filtering doug wilson field technician Foundation Security Gift Card Scams Hackers Hosted VoIP i.t. service provider Internet Explorer IT Compliance IT Policies IT Resource IT Security IT Services Juice Jacking Local Admin local admin privileges Lost Devices malware managed service provider managed services Manages Services MFA Microsoft Microsoft 356 Microsoft Office Mobile Devices MSP MSP501 Multi-Factor Authentication Network Security New Computer Offboarding Office 365 Outlook Password Manager Password Managers Password Protection password security Passwords Patches Patching PC Performance Penetration Testing Personal Data phishing Phishing Attacks PII Proactive Monitoring Processor productivity Professional Tune-Up Public WiFi RAM Ransomware Ransomware Prevention repeatbusinesssystems Ring Groups risk assessment Rock-It VoIP RTO Costs Scammers Scams security Security Assessment Security Awareness Training Security Defaults Security Key SLAM Method Smishing SMS Social Engineering Social Media Security Solid-State Drive SSD stolen credentials Storage Teams technology best practices Technology Management Technology Policies Technology Review Threat Detection Threat Identification Updates virus VoIP Systems VPN Vulnerabilities Vulnerability Assessment Warning Signs Windows 8.1 Work Computers World Backup Day