Mobile Security: 9 Myths Not To Believe
Mobile devices are increasingly becoming the tools we use to perform an ever-greater number of tasks, from entertainment to paying bills, from GPS location to booking holidays. With our dependence and reliance upon these devices forever growing, security becomes an issue that cannot be taken lightly. Unfortunately, myths have been established that need to be debunked so real security issues can be addressed. Here are nine such examples:
1. Mobile devices are less secure than desktop varieties
A lot of the misinformation surrounding mobile devices concerns the fact that mobiles are inherently riskier. In fact, with the ability to track and remotely shut down these types of devices, they need not be riskier at all. Indeed, with less capacity to store data directly, mobile devices which connect to the cloud are probably less risky.
2. Mobile devices don’t need to be encrypted
Data encryption is sorely lacking in a high number of organizations when it comes to mobile devices, where they are used as thin clients only. But localized storage is still common and so vulnerabilities remain as high as ever, despite the prevalence in using cloud-computing practices. Sensitive data such as contacts lists are still commonly found on these devices, which is a good enough reason alone to ensure encryption.
3. You don’t need mobile antivirus software
Most IT departments wouldn’t dream of employing no antivirus software on desktops, but the same level of vigilance is rarely established with mobile devices. The fact is they connect to the same networks as their desktop cousins, so remain every bit as vulnerable. That’s just common sense.
4. BYOD devices are a major risk
BYOD devices are generally frowned upon as they are seen as lax when it comes to security. However, it is about establishing a proper BYOD progam which included practices for using these devices, as well as regular monitoring. These types of devices can be every bit as secure as enterprise models.
5. Only mobile devices get lost
Of course, mobile devices have an inherent risk when it comes to being misplaced, and they are also easier to steal. However, according to research, missing desktop equipment costs businesses $1.8 billion annually, which is a tidy sum.
6. You don’t need to audit mobile security
Perhaps the greatest myth of them all. Any self-respecting IT auditor would rush to include mobile devices in any IT security audit, but the fact remains that an eye-watering number of bushiness overlook these devices. The network and centralized monitoring become the focus, but end user habits and that security access to their mobile devices should be every bit as crucial.
7. Two-factor identification is unnecessary
Businesses are increasingly establishing two-factor identification protocols for desktop devices and also physical access. Yet again the feeling prevails that mobile devices do not need this level of security, but the fact remains that these devices can offer greater risk, especially as they are more likely lost, and so a two-factor identification step feels more necessary.
8. Wearables aren’t included
Wearables are a relatively new style of mobile device, and there are still many businesses that do not yet employ this style of technology. However, in certain industries wearables are becoming more commonplace, yet a recent report by Tech Pro Research revealed that less than 60% of the wearables already employed in the field are not secured, perhaps due to the belief that they do not need to be. The fact is, wearables are as vulnerable as any other mobile device, so this is a major security lapse.
9. There is not threat from public app stores
It is incredible how many businesses, of varying sizes, have no established downloading policy, which means that employees continue to simply download as and when required from public app stores. These stores have worked hard on security, but they are far from full proof, so hacks, viruses and malware do exist, and must be taken seriously.
In most cases, improved mobile security can be achieved simply with more education. And that means establishing what isn’t a threat as much as what it. When it comes to mobile devices, more education in terms of the business IT team as well as end users can have a great effect.