search
AdobeStock_118992302_lr

A CEO's Guide to Mobile Data Security and what you can do to secure your enterprise

Mobile device security has become a critical issue in the enterprise. 47% of businesses do not encrypt sensitive data on open networks.

Whether you prioritise the need to avoid fines for data breaches or to protect your organisation’s reputation or brand, the faster a data breach can be identified and contained, the lower the costs.

Mobile Data Security Risks

New call-to-action

Ransomware, malware, and hackers tend to make the best cybersecurity threat headlines, yet in reality, mobile data security breaches stemming from human error are just as common.

Many data leaks are the result of carelessness and other internal slip-ups. In fact, complacency is one of the greatest risks to mobile data security today.

What is Enterprise Mobility Security

No Hackers. No Dark Web. Just Basic Security Failings

In terms of enterprise mobile security, the Verizon Mobile Security Index 2018 Report finds:

  • 47% of businesses do not encrypt sensitive data on open networks
  • 39% of mobile device users change all of their default passwords, making the device easier to hack and access if lost or stolen.

In fact, the massive data breach at credit-reference agency Equifax reported in September 2017 was the result of a litany of errors inside the company. These include the failure to use well-known data security best practices and sub-optimal internal controls, including:

  • Inadequate encryption
  • Overlooking known IT vulnerabilities
  • Using out of date software
  • Inadequate system scans
  • No security reviews.

World’s largest data breaches of 2018

Infographic_worlds data breaches_2018-1

6 Steps to Rapidly Improve Mobile Data Security

To up the ante on mobile data security in your organisation, you can take the following practical measures: 

1

Set devices to lock automatically when not in use

3

Complete software updates and patches in a timely manner

5

Educate employees to recognise suspicious emails

2

Keep antivirus and anti-malware software up to date

4

Ensure users can access corporate data from a secure central location

6

Train users to encrypt hard drives and USBs before they put any work-related information on them

EMM is your first line of defence in enterprise mobility security

To mitigate the risk of a mobile data breach, you need to gain full visibility into your users’ devices, apps, and network access with Enterprise Mobility Management (EMM).

Using EMM tools, IT teams can secure mobile devices, applications, and the data on them, and keep security threats at bay. Whether the threat comes from an app, the Internet or an employee losing a device that contains commercially sensitive data, EMM solutions can prevent critical data loss and unauthorised data access.

In fact, EMM forms your first line of defence against enterprise mobility security threats and help keep customer and corporate data safe.

imei Secure delivers best practices in enterprise mobile user authorisation management, helping to reduce the risk of information loss through mobile data security breaches.

risk calculator_sample image_rev

Assess your risk

Don’t become another statistic in OAIC’s next quarterly report. Take our easy quiz and calculate the extent of your organisation’s data risk.

Improve User Security

It’s important to manage the identity of the mobile technology accessing your network and implement strong technologies and automated processes to reduce information loss and reputation risk.

Secure - MTD_100px

Mobile Threat Detection (MTD)

With Mobile Threat Detection your organisation can detect and analyse threats as well as take swift action against them and restore compromised devices to a compliant state. This technology detects and remediates malware, viruses, worms, bots, phishing, and a variety of other cyber threats.

Secure - Mobile Information Security_100px

Mobile Information Security

With Mobile Information Security technology, you can set up protocols to ensure the right data can always be accessed by the right people, when and where it is required.

Secure - MDM

Mobile Device Management (MDM)

See Mobile Device Management (MDM) as a minimum requirement. This technology prevents unauthorised access to corporate data, helps ensure that mobile devices are compliant with corporate mobile policies, and provides capability to remotely lock and wipe a compromised device.

Secure - MTM_100px

Mobile Threat Management (MTM)

Mobile Threat Management (MTM) is used to improve your enterprise security protection well beyond the provisions offered by MDM platforms and EMM capability. It further enhances the capabilities of MTD technologies with proven processes to design, build, maintain, manage, support and report on cybersecurity within your business.

Secure - Automated alert and remediation-1

Automated Alert and Remediation

With a fully integrated MDM/MTD solution, Automated Alert and Remediation capability enables you to return compromised devices to a compliant state and ensure authorised users have access to the company resources they need, when they need them.

4 Practical Stapes to Safeguard your Mobile Data

Gaping holes persist in mobile data security management practices across the country despite the Notifiable Data Breach (NDB) legislation in Australia and the General Data Protection Regulation (GDPR) in Europe.

On mobile, it’s all too common for employees to disregard data protection safeguards and take short cuts to stay connected. Stay a step ahead of your users with these practical steps:

1

Secure your mobile infrastructure

It’s essential to use Mobile Device Management technology to mitigate the risk of sensitive information getting into the wrong hands and to satisfy Notifiable Data Breech (NDB) requirements.  

3

Use two-factor authentication

Simple steps like password protection using two-factor authentication will also help strengthen security with two stages of confirmation required for users to access company documents or networks.

2

Harden the endpoint

Mobile data security starts with the device, and each mobile operating system requires a different approach for hardening the device.

 

4

Wrap your apps

App wrapping is a quick and easy way to securely deploy apps by segmenting the app from the rest of the device by encapsulating it in a miniature, managed environment.

AdobeStock_143396766_banner

The value on data security investments

Mobile data security is an essential component in any successful business.  

Clearly, the business value of implementing strong mobile data security initiatives cannot be overstated as the business cost of handling a data breach can be substantial and long term.

Average cost of a data breach globally = US$3.86 million

2018 Cost of a Data Breach Study sponsored by IBM Security and conducted by Ponemon Institute

 

Direct costs of a Data Breach

For any breach, the cost of identifying, isolating, and resolving the issue even before it has a chance to cause any damage can be significant. Direct costs include:

  • Legal fees
  • Hiring forensic professionals to investigate the data breach
  • Regulatory fines and penalties.

IIn Australia alone, penalties for not informing affected parties and the Office of the Australian Information Commissioner (OAIC) of a notifiable breach can amount to fines of $360,000 for individuals and $1.8 million for organisations.

 

Indirect costs of a Data Breach

Internal resources

Employees will need to be reassigned from business priorities to handle the fallout of the breach. Plus, there’s the cost of repairing and remediating a company database once it’s been hacked.

High customer turnover

Many existing customers will stop doing business with organisations that have been breached. 

Customer litigation

Even when financial losses cannot be quantified, many customers and victims will seek monetary compensation.

Reputational damage

The true extent to which a mobile data security breach damages your business reputation depends on: 

  • The size of the breach
  • The way information or reporting of the event is communicated
  • The number and type of stakeholders affected
  • How quickly and effectively the company is perceived to have acted.
risk calculator_sample image_rev

Understand your risk

How safe is your organisation from avoiding an OAIC fine?  Take our easy quiz to assess your company’s data risk.

The Impact of Security on the Bottom Line

In leading organisations, there’s a strong connection between cybersecurity and the business bottom line.

Studies show that organisations with strong cybersecurity also benefit from improved efficiency, reduced downtime following disruptions, and a stronger brand image. Yet it can be difficult to measure the return on data security investments.

To do so, you need to gauge what your company will save from not having security problems as a result of the investment. This involves estimating the risk exposure and understanding:

  • The cost of existing security problems
  • The impact a significant data breach would have and the expected loss value
  • The kind of controls and security solutions that may be required to address the risk.

The bottom line: robust mobile data security means no financial, brand and image loss to a business.

Get serious about mobile data security

Mobile device security has become a critical issue in the enterprise. The cost and consequences of a mobile data security breach extends to:

  • Penalties associated with a breach of customer data
  • Reputational damage
  • Disruption to business operations, including loss of staff morale, and
  • Likely loss of customers.

Whether you prioritise the need to avoid fines for data breaches or to protect your organisation’s reputation or brand, the faster a data breach can be identified and contained, the lower the costs.

It’s also important to remember that as mobile devices now contribute to the majority of internet traffic globally, the potential for data security breaches stemming from mobile devices is likely to rise.

Some of the top threats against mobile devices include:

  • Data leakage – involves the unauthorised transmission of data from within a business to an external destination or recipient via a mobile device.
  • Phishing – 48% of phishing attacks are on mobile according to Cloudmark and the number of mobile phishing attacks is doubling every year.
  • Malware – malicious software that specifically targets the operating systems on mobile phones comes in many forms variants with different methods of distribution and infection.
  • Cryptojacking – involves the use of scripts that run on webpages or in mobile apps to harvest the processing power of the user’s device to mine for cryptocurrency.

All businesses need to get serious about incorporating mobile data security practices into their operations. It’s important to identify vulnerabilities in the business, and adopt a security culture to demonstrate the benefits of implementing strong security measures. It’s essential for everyone in your organisation to be aware of the risks associated with mobile data loss and exposure.

How to Stop Employees being a Big Risk

While the range and variety of mobile security threats are rising, all too often, it’s employees who create the weakest link when it comes to enterprise mobile security. In cafes, hotels and airports, employees invariably prioritise convenience over security and use a Wi-Fi hotspot even when there’s no guarantee it’s fully secure. If they are using their own devices, they may neglect to update the operating system to the latest version which means they don’t have the latest security patches installed.

 

48% of employees sacrifice mobile security for the sake of speed and efficiency. Verizon Mobile Security Index 2019

 

According to Verizon’s Mobile Security Index 2019, 81% of organisations point to employees as their biggest mobile security risk. To mitigate this risk, businesses need to implement actionable solutions and enforceable security policies, including:  

pillar-list-icon

Establish a mobile security travel policy

Update company policies to protect business travellers from both malicious and inadvertent mobile data security breaches.

pillar-list-icon

Employ multi-factor authentication

Multi-factor authentication provides an extra layer of security for users accessing company apps, tools, and data. Users are required to prove their identities using two or more verification methods before they can be authenticated.

pillar-list-icon

Optimise BYOD practices

If your company employs a BYOD (Bring Your Own Device) policy, make sure each device has a firewall and antivirus software installed on it. It’s also good practice to restrict employees from being able to connect unknown external hardware, such as portable USB flash drives, to any company device.

pillar-list-icon

Mandate VPN use when using Wi-Fi

Enterprises use VPNs to ensure secure connections for remote workers. A VPN acts as a middleman between a device and the internet – the website interacts with the VPN server which communicates with the device. Since this interaction is encrypted, nobody can see what data is shared online. By not requiring a VPN, enterprises are more vulnerable to security risks.

pillar-list-icon

Introduce training and education

To ensure employees understand the importance of cybersecurity – in and out of the office, it’s essential for IT and other leaders to drive home the significance of data privacy and protection. Employees must be able to understand why it’s important, how it can impact them, and what steps they must follow to prevent a breach. Your people need to be comfortable recognising and reporting threats.

pillar-image

Reduce Risks with our Secure Solution

Top tier MTD capability, MDM/EMM integration, automated remediation, and support from our contact centre. It’s peace of mind for securing enterprise mobile data.

Feedback

The response was quick and the representatives were helpful and knowledgeable.

Muralidharan from Metcash

Metcash
Very quick responses. Seemless actioning of request. Awesome support. Thanks for a great service

Mark from Accenture Australia

Accenture
Very informative staff, easy to contact and the daily status updates were highly appreciated

Emily from PricewaterhouseCoopers

pwc
Amazing customer service, amazing work from the whole team!!

Andrew from Woolworths

Woolworths

Converged Communications Solutions

Our solutions range from mobile endpoint fleet management to cloud-delivered unified communications involving processes, services, hardware and software through to high performance networks, carriage and connectivity, and beyond onto helpdesk, support and training.
imei Intelligence_blue

imei Intelligence

Reveals the current effectiveness of your mobile device fleet and network infrastructure for voice and data to help you control costs and reduce security risks.
imei Lifecycle_blue

imei Lifecycle

Complete end-to-end management of mobile devices and endpoints, including provisioning, staging, helpdesk, support, management and decommissioning to keep your people connected.
imei Unicoms 14

imei Unicoms

Secure unified communications for mobile, voice, messaging, collaboration and remote working to keep your people working together effectively.
i5-hover

imei Secure

Enterprise mobile data and user authorisation management helps secure your confidential data and protect user privacy.
imei Connect

imei Intelligence

Connectivity and carrier management services for WAN / Private WAN / VPN and mobile services to keep your communications pipelines fast, reliable and cost-effective.
imei Network

imei Network

Efficiently designed and deployed WAN, LAN, Wi-Fi networks for single and multiple work and remote locations to keep your offices connected and your systems up and running.

Latest Blogs

Plug on your headphones (or earbuds if you prefer) and strap on your seatbelt. The noise around trends in technology . Read More...

Data security is as much about your people as it is about the technology you deploy. As employees can be the focus of . Read More...

As businesses become increasingly dependent on the remote workforce, keeping remote workers securely connected is fast . Read More...

Contact us

Call us toll free on 1300 65 7799 or email us below and will we get straight back to you.