Mark your calendars: 2015 was the year U.S. business owners learned the hard way their cybersecurity strategies need greater attention.
According to a report compiled by the Identity Theft Resource Center, commercial businesses experienced 4 out of every 10 publicly reported breaches across all sectors last year. More alarming, the math seems to indicate an evolution in the nature of enterprise breaches – a shift away from the immediate financial gain from stolen debit or credit card information (138 loss events involving 64.4 million different cards) to siphoning personal information like Social Security numbers for the long con (338 loss events involving 164.4 million records).
Companies need to get ahead of the curve on cybersecurity by auditing and strengthening its three supportive pillars: data security, network security and physical security. However, in a world of increasing enterprise mobility, many CIOs or in-house security compliance officers may feel like they’re starting from square one. How can businesses leverage innovations and developments in mobile security to support complete cybersecurity wherever users may be?
Enterprise mobile apps can create more chaos than order if businesses aren’t careful.
Get real about securing apps
The meteoric rise of enterprise mobility is at least partly to blame for lackluster security initiatives, according to a recent RedHat survey. In 2013, only 7 percent of businesses had a mobile strategy in place. In 2015, more than half had one. However, mobile app strategies haven’t kept pace, which has led to an increased rate of investment in both in-house app development and mobile application oversight.
As we’ve said in previous blog posts, mobile device management solutions already make for reviewing and regulating the safe use of smartphones and tablets a mobile workforce thrives on and data security requires. They make equal sense for monitoring the types of apps workers download to office-issued or BYOD provisioned devices. MDM ensures that policies around enterprise mobility are observed and carried out, whether you’re fleshing out mobility programs already in place or taking security to the next level by targeting apps.
Stop the fall of cybersecurity dominoes
A massive global network security vulnerability exposed in the fall of 2015 demonstrates how inexorably linked different kinds of security can be. And if one security element falls short, they all might.
BBC News reported cybercriminals exploited a bug in Signal System 7, technology capable of linking worldwide mobile networks, to track users and steal data. Interestingly, this wasn’t an example of cybercriminals getting a technological upper hand, but a suspected failure on behalf of SS7 operators to keep sensitive core network information close to the chest. A small data security flaw, therefore, led to an international network security incident.
While things like MDM and virtual private networks are crucial for a consummate network security strategy, don’t forget to thoroughly protect any and all information or processes that grant access to corporate networks, no matter how seemingly insignificant.
Next-gen physical security requires policy updates
“Virtual badges” took center stage at both this year’s ISC West and the Connected Security Expo, leading many to believe enterprise mobility may soon converge with physical security in unprecedented ways.
As businesses weigh the pros and cons of adopting similar technology or incorporating mobile tech into the physical security schema, they should revisit BYOD policies regarding device lifecycles whichever side they ultimately land on. We know these devices can already contain a lot of sensitive data on customers and on-site operations. But when a stolen smartphone could literally open the door to ne’er-do-wells, businesses must make sure they have the systems for in-device authentication, tracking access and restricting use at a moment’s notice.
For more guidance on the dos and don’ts of enterprise mobility, check out our white paper “Five Tips to Mastering Enterprise Mobility.”