E-Handbook: Protect against mobile device security attacks Article 4 of 4


How can IT reduce smartphone viruses?

It's important for organizations to stay current on what's new in mobile malware and to develop security policies to combat these vulnerabilities.

As much as things change in technology, one thing stays the same: Hackers are in business to create havoc.

From a mobile OS perspective, Google Android reports the most smartphone viruses. But in the last several years, Android has improved its security architecture.

Android has many different OS versions in the marketplace, as users generally keep Android phones longer and have phones with older OSes. Some people assume that this enables attackers to use old hacking techniques without learning workarounds for the newer OSes that do a better job of blocking ransomware. Although this is true, recent Android OSes, such as Nougat, make it difficult for attackers to launch smartphone viruses.

Methods to increase security have not changed in the last several years. IT pros can avert smartphone viruses by deploying enterprise mobility management (EMM). By containerizing the threats and creating the right security policies, IT can reduce or eliminate smartphone viruses attempting to reach company data.

Policies should enforce two-factor authentication and specific password lengths, and should limit what webpages users can view through their browser. OS updates may contain important security updates, so IT should use EMM tools to enforce OS updates; if a user doesn't update the OS, he or she will lose enterprise mail and calendar privileges.

Top threat vectors ranked

File-sharing applications can be vectors for malware, so IT should employ a secure cloud storage option, such as Box or Citrix ShareFile. If users access a personal file-sharing platform on which they also store corporate files, any malware that affects their personal files could infect their business resources. Organizations should make it easy for employees to access and work freely with the provided platform so users will have little reason to explore cloud products that may risk company data.

The largest vulnerability may be remote employees' personal assistant speaker devices.

Internet of things devices are still mobile endpoints susceptible to malware, and the largest vulnerability may be remote employees' personal assistant speaker devices. These devices are always collecting data, so they can expose company information and personally identifiable information. EMM providers are developing products to manage this exposure, but, in the meantime, users should just unplug their devices when they conduct business at home.

Dig Deeper on Mobile security

Unified Communications