People love mobile devices. Smartphones, tablets, laptops and other connected devices make getting work done faster and easier, but in many ways the use of mobile devices for business poses big challenges for IT security. A study by independent research organization, the Ponemon Institute, has uncovered important insights about how the expanding number of devices connected to business networks has created vulnerabilities that threaten the cybersecurity of businesses.
1. Employees Fail to Follow Security Policies
Employees can hardly be blamed for not following security policies if they do not know about them and if they are not trained in their use. When security policies are in place, they need to adequately cover all possible scenarios and empower employees with the tools they need to comply.
Employees may bypass established procedures if they don’t understand that cybercrime is a real and serious threat. They also may ignore policies when they intrude on their ability to get their work done. Additionally, If workers are used to bypassing IT, they may disregard policies because they anticipate that involving the IT department will stop or slow them from doing their job.
2. The Number of Mobile Devices Connected to Your Network Has Increased
The sheer number of devices connected to your network poses an IT security threat because they extend the area that you need to protect beyond your network perimeter. A mobile device isn’t just a smartphone. This designation includes tablets, laptops, security systems, environmental controls, equipment and equipment consoles, printers, bar code scanners and point-of-sale devices to name a few. What is similar about all of these devices is their purpose to gather, analyze and/or provide ways to interact with and deliver data. It also might not just be your employees who are accessing your network if vendors or customers utilize these systems as they do business with you.
3. More Personal Devices Are Connected to Your Network
Allowing employees to use their own smartphones, tablets and laptops for work might seem like a cost savings, but if they do so without allowing the company sufficient visibility and control, bring-your-own-device (BYOD) practices definitely pose a serious cybersecurity risk. BYOD makes a lot of sense for some employees. They are able to use the type of technology with which they are familiar, and they don’t have to double up on the devices they need for business and personal life.
On the downside, it’s tricky to control what the user can download or what websites they can visit on the internet. Privacy issues arise as companies decide if they need to protect the employee’s device or the company’s data on the device, in the event that it is lost or stolen.
4. Malware Infections are more difficult to detect
With the evolution of the cybercrime ecosystem has come more sophisticated malware. Malware developers monitor changes to security software, and they market their malicious applications as being able to evade detection or escape quarantine. Some of the symptoms of infection might be recognized as an ill functioning device instead of a malware problem. These include decrease in battery life, diminished performance of applications, dropped calls, or increases in data use.
5. Devices Connected to Your Network Are Not Secure
Everything that is connected to your network needs to be under your IT security umbrella. Many companies haven’t resourced IT with the expertise and technologies needed to make all endpoints visible and to secure them. Not all IT support companies have the tools that are needed to identify and monitor everything that interacts with a network and its data.
IT Security Should Be Part of Your IT Strategy
At Thriveon, IT security is one of seven facets included in our Information Technology Strategy (ITS). The repercussions of cybercrime are serious and we help companies develop and implement a layered approach to cybersecurity.
Learn more about the cybercrime ecosystem and why your business is a rich target for cybercriminals by viewing our on-demand webinar.