Some of the major malware attacks in 2019:
Surveillanceware that can log keystrokes, record the screen, etc, installed via infected apps.
Mobile malware that replaces legitimate apps with fake ones and displays malicious ads.
Trojan spyware that steals banking credentials.
How are mobile devices being attacked?
Attack vectors can be classified into three major categories:
Unapproved apps: 60% of all organizations do not vet the app installation source.
Outdated OS: 57% of Android devices are running an OS version less than two years old.
Unauthorized Wi-Fi: 81% of employees admit to accessing corporate data using public Wi-Fi.
How to effectively nullify such mobile threats using a mobile device management (MDM) solution:
In addition to the threats above, many other things can compromise mobile security, such as poor passcodes or unauthorized access to Exchange. Let's see how Mobile Device Manager Plus, our MDM solution, can bolster mobile security:
- Manage access to mailboxes Ensure only devices managed by the enterprise can access Exchange mailboxes, which are bound to contain corporate data.
- Control OS updates Ensure devices are always running the most secure OS version by either immediately deploying the most secure version, or delaying devices from being updated to a version with known security issues.
- Secure network access Prevent access to public Wi-Fi networks and ensure corporate data is only accessed using VPN. You can also ensure all network communications are routed through your organization's proxy, and block unauthorized URLs.
- Enforce strong passcodes Ensure devices have non-guessable passcodes that adhere to your organization's compliance standards.
- Control apps Ensure only enterprise approved apps are installed on devices by creating your own enterprise app catalog by blocklisting non-approved apps. Limit users’ access to only select apps by allowlisting them using Kiosk.
- Secure lost devices Identify misplaced devices by remotely obtaining the device location or raising an audible alarm and also prevent devices from starting up from any internal or external storage device other than the startup disk you've selected.
- Enable geofencing In addition to identifying device location, you can also restrict devices to a particular geographical range (say, your organization's premises) to ensure corporate data stays put.
- Encrypt corporate data Ensure there is no unauthorized access to your corporate data by encrypting it using the encryption options available on the device. This encryption happens on the fly, without affecting productivity.
- Containerize corporate data In the case of personal devices, you can ensure only corporate data is managed, while having zero control over employees’ personal files, through containerization.
- Restrict device
functionality To boost security even further, you can restrict basic device functionalities such as screen sharing or saving data in third-party cloud services. These security controls ensure corporate data can’t leave the device.
Source: Verizon Mobile Security Index 2019