Mobile devices increasingly vulnerable to malware

October 1, 2012

As more companies allow employees to use personal devices in the workplace, it is crucial that professionals follow mobile security guidelines to prevent possible breaches and threats.

There are a number of benefits from the bring-your-own-device movement, including an increase in productivity, higher work satisfaction and lower costs. However, a recent Osterman Research survey shows that there has been a steady increase in hacker attacks among small and mid-sized businesses between 2007 and 2012, reported GMA News.

Breach concerns
If a mobile device becomes infected, IT departments will spend time and money securing smartphones and tablets from data loss. According to a study from a software security developer, it can take at least 72 minutes to clean one device and ensure that an unauthorized person cannot access company information.

A study from Grudi Associates, an IT service provider, found that company owners are becoming more concerned about security and control issues presented by BYOD users who work on projects with their devices, eWeek reported. Because the number of people using phones for work is growing, company owners must take action to prevent malware and phishing incidents.

Security policies
According to a recent study conducted by security awareness training company KnowBe4, and ITIC research firm, 71 percent of organizations that allow professionals to bring devices to the workplace have no policies in effect to ensure data protection.

"There needs to be some policy-based level of control, some sort of documentation or contract or rules," said Hyoun Park, principal analyst at Nucleus Research.

Businesses should have BYOD policies that outline the responsibilities and rules that must be followed. IT departments are urged to discuss these guidelines with employees and have them sign it as they would a contract. A company can also choose to invest in mobile device management (MDM) software. With the permission of their workers, IT departments can use MDM to wipe information and monitor application downloads to determine whether they are infested with malware.

Professionals should implement security measures on their own time to protect company data. The most basic form of security is a password that could inhibit a hacker from stealing materials. Experts also recommend keeping devices up-to-date by installing the latest hardware and software requirements.

By educating workers on proper network security measures, business owners can prevent cybercriminals from locating vulnerabilities and accessing confidential data.

-McAfee Cloud Security