With the number of internet-connected mobile devices anticipated to exceed the world's population this year, according to a recent study by Cisco, mobility is having a profound impact on how we live and work. Companies realize that bring-your-own-device (BYOD) policies create new risks, with a plethora of challenges going far beyond those faced previously. However, most organizations are still lagging behind on making the changes necessary to adequately address these new challenges.
Mobility is increasing productivity by connecting devices to the internet; this “internet of things” dramatically increases the productivity of industries as diverse as health care, transportation and agriculture. The internet of things isn't a futuristic notion; it is here today. Increasingly, point-of-sale terminals are internet-enabled to allow real-time tracking and inventory management, and trucks are connected to the internet to allow more sophisticated fleet management, to name a few.
While unlocking productivity, the internet simultaneously increases the attack surface and creates new risks to the enterprise, so security teams need to prioritize protecting their assets against their biggest security risks.
Arguably the biggest risk is the loss of confidential enterprise or customer data. Hundreds of millions of customer records are stolen each year with the average cost per record breached over $200, according to a study by the Ponemon Institute. Data theft costs enterprises billions of dollars annually in spite of heavy security investment and current protection measures. How?
A study found that 98 percent of these incidents involved outside attackers while 69 percent involved some form of malware. Notably, the compromised mobile devices don't belong to the end users, but are similar to point-of-sale devices that hackers access remotely. Today's mobile malware has advanced capabilities unseen with traditional malware. These capabilities include tracking a user's exact location, accessing various forms of communication (SMS, MMS, email, instant messaging), accessing detailed contact information, listening to a user's messages, making unauthorized calls and more.
To understand the actual prevalence of mobile-specific malware that is rampant today, Nominum sampled several billion DNS queries and analyzed patterns in the DNS traffic to determine which mobile devices were infected and the most common infection types. Nominum found infected devices across multiple operating systems, including Apple's iOS. Our data also indicated that Android devices presented the greatest risk, with the top five mobile malware variants all targeting Android.
The Nominum research shows mobile malware already contains sophisticated capabilities that present significant risk to enterprises and it is only a matter of time before these unique capabilities are used more widely against enterprises as well as individuals.
A protection strategy that does more than just stop malware on end users' mobile phones is essential. Even if mobile operating systems were 100 percent secure, the people who use them are not, and human error plays a large role. Implementing a mobile security strategy also requires providing similar levels of security to employees working remotely on their laptops from airports or coffee houses as if that person were working from the office. Likewise, enterprises need to think about how they can adequately protect mobile users directly accessing 3G or 4G networks and bypassing traditional network-based technologies. Finally, security professionals should inventory all the connected devices they have across their enterprise, including those carrying “machine to machine” traffic, to ensure they are secure. Such an inventory requires re-evaluating the network security architecture and implementing smarter network-based defenses.
Anti-virus protection at the mobile device level is still immature and inadequate. Signature-based anti-virus is also problematic as it drains precious battery life, causing an unacceptable slowdown in device performance. A solid security approach for enterprises is to carefully monitor outbound traffic for signs of device infection. This is especially critical since devices can be compromised outside the enterprise and then brought into the enterprise infected. Detecting and mitigating these compromised mobile devices quickly is critical to minimizing irreparable damage.
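One way to act on the outbound-monitoring advice above is to use DNS query logs as the signal, the same kind of data the Nominum sample drew on. This is an added example, not Nominum's method or code; the log format, client addresses and blocklisted domains are constructed placeholders.

```python
from collections import defaultdict

# Constructed blocklist of malware command-and-control domains (placeholders
# under the reserved .example TLD, not real indicators).
BLOCKLIST = {"c2.badmobile.example", "sms-relay.example"}

# Constructed outbound DNS query log: "<timestamp> <client IP> <qname> <qtype>"
SAMPLE_LOG = """\
2014-03-01T09:00:01Z 10.0.4.17 www.intranet.example. A
2014-03-01T09:00:03Z 10.0.4.23 Update.C2.BadMobile.example. A
2014-03-01T09:00:09Z 10.0.4.23 c2.badmobile.example A
2014-03-01T09:01:12Z 10.0.7.80 sms-relay.example. TXT
2014-03-01T09:01:30Z 10.0.4.17 evilsms-relay.example. A
malformed line
2014-03-01T09:02:00Z 10.0.7.80 mail.corp.example. MX
"""

def normalize(qname):
    """Lower-case the name and drop the trailing root dot."""
    return qname.rstrip(".").lower()

def blocklisted_parent(qname, blocklist=BLOCKLIST):
    """Return the blocklist entry that equals qname or is a parent domain of it."""
    labels = normalize(qname).split(".")
    # Walk label boundaries so "evilsms-relay.example" does not match
    # "sms-relay.example", but "a.sms-relay.example" does.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None

def find_infected_clients(log_text, blocklist=BLOCKLIST):
    """Map client IP -> {blocklisted domain: [timestamps]} for suspicious queries."""
    hits = defaultdict(lambda: defaultdict(list))
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed records rather than abort the scan
        timestamp, client, qname, _qtype = fields
        match = blocklisted_parent(qname, blocklist)
        if match:
            hits[client][match].append(timestamp)
    return {client: dict(domains) for client, domains in hits.items()}

if __name__ == "__main__":
    for client, domains in sorted(find_infected_clients(SAMPLE_LOG).items()):
        for domain, seen in domains.items():
            print(f"{client} queried {domain} x{len(seen)} (first {seen[0]})")
```

Because the check runs on resolver logs rather than on the handset, it also covers devices that were compromised elsewhere and then joined the enterprise network.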
Enterprises should also seriously evaluate managed security offerings from their Internet Service Providers. Desktop security has significant limitations when applied to mobile devices, yet significant threat traffic also bypasses traditional enterprise network security technologies (for example, when someone uses their laptop to work from home or that person communicates from the home or office using a 3G or 4G wireless network). Protecting these types of users requires better security embedded into the network itself.
Productivity and security go hand-in-hand. Mobility has transformed how people work but enterprises need to think beyond the impact of infected mobile phones and look holistically at protecting all the connected devices on their network. Doing this requires building more security into communications networks beyond the enterprise firewall. Communications Service Providers are in a unique position to help.