Everything from applications, social apps, OS vulnerabilities and even mobile device management acted as initial attack vectors troubling nearly every single organization globally.
Let’s just all say it together: mobile is a problem. Trying to put the same levels of security controls onto a device the organization doesn’t necessarily own, that has less customization than Windows OS, and runs completely remotely 24×7 is one tall order for IT organizations today.
But mobile is a profitable attack vector for the bad guys, making it important for organizations to pay attention and figure out how to mitigate the risk of attack. And are there ever risks in mobile!
According to CheckPoint’s Mobile Security Report 2021, mobile is everyone’s problem. From vulnerabilities on the apps for Facebook, Instagram and WhatsApp, to infiltration into Google’s apps via the Google Play Core Library, to OS vulnerabilities (in both Android and iOS!). It’s evident that there is plenty of reasons why the bad guys see mobile as a fantastic attack surface.
From the report:
- 97% of organizations faced mobile threats in 2020
- 46% had at least one employee download a malicious mobile application that threatened networks and data
- 75% of one company’s mobile devices were compromised via corporate-owned MDM
With several major APT groups specifically targeting mobile devices, it’s necessary for organizations to do as much as is possible to improve the security of mobile devices. This includes:
- Updating the mobile device OS and mobile applications
- Keep MDM solutions patched regularly
- Educate users with Security Awareness Training to minimize the user’s interaction with malicious email and websites as a potential threat surface
Mobile may very well be the new hot attack vector. Get ahead of it now while it’s new and not mainstream!
Request A Demo: Security Awareness Training
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW