Most organizations understand that breach response and vulnerability disclosure are a huge part of the security process. However, despite the disclosed breaches, organizations continue to miscalculate or underestimate the risk caused by mobile.
Gartner predicts that, by 2017, “75 percent of mobile security breaches will be the result of mobile application misconfiguration” (Source: http://www.gartner.com/newsroom/id/2753017 )
Here is a brief overview of the 5 most common security breaches for mobile devices:
- Wireless transmissions are not always encrypted. Information sent by a mobile device, including email, is usually not encrypted while in transit. In addition, many mobile devices do not have firewalls to limit Internet connections.
- Mobile devices often do not have passwords enabled to authenticate users and control data access. On top of that, two-factor authentication is not always used when conducting sensitive transactions on mobile devices.
- Mobile devices may contain malware. Consumers can unknowingly download applications containing malware, oftentimes because an app is disguised as a game, security patch, or utility.
- Operating systems, as well as software on mobile devices, may be out-of-date. This includes security software. It can take weeks to months before security updates are provided to the consumers' devices.
- Mobile devices may have unauthorized modifications. The process of modifying a mobile device and removing its limitations (known as "jailbreaking" or "rooting") so that consumers can add features alters how security for the device is managed and can increase security risks.
The best defense is to keep mobile devices fixed in a safe configuration by means of a mobile device management (MDM) policy, supplemented by an integrated monitoring solution.
Nowadays, monitoring plays an increasingly critical part in the security makeup of an organization’s EMM strategy. Improved visibility and enhanced reporting will aid IT administrators to be proactive about potential breaches. IT administrators can be alerted in the event of any problematic behaviors and risky scenarios in order to address breaches before they happen.
GSX’ s BES12 Conditional spot check reports allow IT administrators to better control the security policy of BlackBerry users. They can set alerts and custom reports based on several conditions and filters to improve security, resource allocation, and mobile synchronization.
In summary, GSX allows you to:
- Receive alerts as soon as a non-compliant device is detected;
- Prevent non-compliant devices from using your system;
- Control installation of compulsory applications, as well as restricted and unauthorized ones;
- Detect devices managed by BES12 and any other devices using ActiveSync in your environment;
- Get reports on your entire mobile device population;
- Ensure that the compliant devices are working with optimum performance.
Every organization needs to realize that the threat landscape is ever-changing, and that it needs to be proactive when it comes to security breaches.