mobile security compromised by jailbreaking phones
DESCRIPTION
Mobile Security breaches and leaks are imminent threats facing enterprises today. While hackers definitely pose a security threat, employees may actually create more harm to a company. According to security analyst Kevin Sze, “Your employees who frequently use cloud services pose a larger threat to your organization than hackers”. Research group Gartner expounds on this impending threat, reporting that, “In 3 years, 75% of company- wide data breaches on mobile devices will be caused by the misuse of cloud applications & services.” Hence, mobile security is an issue that should be addressed immediately by corporations, given the recent increase in mobile security breaches.TRANSCRIPT
Mobile security compromised by ‘jailbreaking’ phones
Mobile Security breaches and leaks are imminent threats facing enterprises today. While
hackers definitely pose a security threat, employees may actually create more harm to a
company. According to security analyst Kevin Sze, “Your employees who frequently use
cloud services pose a larger threat to your organization than hackers”. Research group
Gartner expounds on this impending threat, reporting that, “In 3 years, 75% of company-
wide data breaches on mobile devices will be caused by the misuse of cloud applications
& services.” Hence, mobile security is an issue that should be addressed immediately by
corporations, given the recent increase in mobile security breaches.
While attacks on mobile platforms are actually quite uncommon, the instances where
employees use cloud services & applications to store documents via mobile platforms
have now become an everyday occurrence. Thus, “placing corporate information in the
cloud for remote working can build an uncontrolled stash of sensitive data”, says Gartner
principal research analyst Dionisio Zumerle.
Additionally, employees can further put sensitive and confidential company data at risk
by modifying one’s mobile device operating system. Given the mass appeal and
commercialization of jailbreaking iPhones & rooting android devices, operating system
manipulations have become quite common in the workplace. If a piece of malware indeed
infiltrates a jailbroken or rooted mobile device, it’s an easy operation to extract highly
confidential information. Furthermore, jailbroken or rooted devices are increasingly
disposed to cryptanalytic attacks which systematically running through all possible keys
or passwords, until successful.
Mobile device adoption is set to continue its astronomical rise, with 2+ billion
smartphones & tablets projected to be sold this year, Gartner reports. With this rise of
smartphones and tablets, while sales of traditional PCs decreasing, attacks on
smartphones and tablets are increasing, states research firm Gartner Inc. By 2017, the
focus of endpoint breaches will move to mobile platforms: tablets and smartphones.
Furthermore, Gartner states that 75% of all mobile security breaches will be the result of
mobile application misconfiguration and misuse – issues which can be easily evaded.
According to Dionisio Zumerle, principal research analyst at Gartner, a typical scenario
of misuse of cloud services occurs via smartphone and tablet apps. “When used to
convey enterprise data, these apps lead to data leaks that the organization remains
unaware of for the majority of devices," he said. Therefore, one of the best defense
mechanisms for a company is to enforce safe utilization and configuration. One way to
enforce this would be conducted via a mobile device management policy.
In conclusion, CIO’s and information technology leaders should make active efforts in
defending against malware on mobile platforms. Principal Analyst at Gartner, Zumerle
states, "You have to cleanout the hype about mobile security attacks and find out which
are the real risks for the enterprise. At this moment, the attacks are not very advanced.
They're very plain." In order to combat mobile security threats, Zumerle suggests clients
take on a more strategic approach on mobile security, by purchasing advanced
technologies which not only cover issues present today, but also those that can adapt to
future threats and conditions as they arise.