Mobile Device Cyber Security for your Atlanta Company
Are you worried about mobile device cybersecurity? You may not know if, but your end-users mobile devices are a significant liability for your small business.
Phishing, Smishing, Spear-Phishing, Vishing…where does it end? Attackers are constantly finding new ways to access your data, and your mobile devices are not immune to these threats.
The Risks with Bring Your Own Device (BYOD)
For years, companies have been encouraging end-users to bring their own device. Unfortunately, BYOD companies do not have conditional restrictions to avoid threats. As a result, the data contained within emails, SharePoint, calendaring, contacts, and other applications can become compromised.
Significant vulnerabilities have been discovered in the Android and Apple iOS ecosystems in recent years. As a result, it has become apparent that any device accessing corporate data is a potential avenue for attack.
INSI’s MobileAssess-IT Can Help Reduce Vulnerabilities
INSI’s experienced assessment experts conduct the MobileAssess-IT to evaluate the corporate risks on mobile phones/tablets, policies, and their impact on policies. Once we have gathered this information, we will recommend actions to secure employee-owned mobile devices for your business network. The Mobile Risk Assessments reviews 5 vulnerabilities:
- Pinpoint App Vulnerabilities – Your device must be updated regularly to protect against malware. Unknowingly, your end-users can permit potential hackers by agreeing to user terms. For example, some user agreements include permission to access contacts. A Mobile Risk Assessment will check against these vulnerabilities.
- Check User Grant Privileges – This follows the App Vulnerabilities because end-users do not typically read software EULA’s that request greater privileges than necessary to ensure ease of deployment. These elevated User Granted Privileges are landmines waiting to be exploited on vulnerable phone OS and apps.
- Review Sideloaded Applications – It is not unusual for end-user to install a “free” version of a mobile app. Unfortunately, it is not uncommon for “free” software to have malicious code or device profiles/SSL certificates. As a result, the software can harvest user data, banking credentials, personal pictures, and messages, or corporate data.
- Associate Malicious Device Profiles/SSL Certificates – Malicious Device Profiles and SSL Certificates are used to conduct Man in The Middle (MiTM) attacks on any cryptographically secured data leaving the mobile device. Unfortunately, this is a common way for an attacker to harvest usernames/passwords and sensitive data.
- Identify Rogue Networks – Attackers can set up wireless access points (WAP) and give them the same name as a legitimate network like a Starbucks Guest. Afterward, the end-user will try to access the WAP, and the attacker will install a device profile to access the corporate data. Unfortunately, executives with high-level access are especially vulnerable to these attacks.
INSI’s Mobile Threat Defense – The Best Cyber Security in Atlanta
INSI has partnered with Cybriant for two ongoing mobile threat defense offerings: standard and advanced.
- MobileAssess-IT Standard – An affordable way to protect your workforce, contractors, and BYOD users. Subsequently, this program will protect against common threats with end-user support, reporting, policy creation, threat escalations, and recommendations.
- MobileAsess-IT Advanced – This package includes the standard service plus AI-advanced threat and traffic analysis, deep app inspection and analysis, malicious app sandboxing, and detailed analysis.
It is important to note that INSI’s Mobile Device Management (MDR-IT) is a prerequisite to both programs. Additional enhancements available include app penetration testing and leaky app analysis.
INSI: The Best MSP in Atlanta!
INSI is the Top Managed Service Provider in Atlanta. We offer complete IT support packages for clients without internal IT and a la carte customized packages for small IT departments. Most importantly, we only charge the client for the exact service and level they actually need. In addition, this unique support model has proven to save the client money and greatly complemented the client’s internal IT strengths.
About the Author
Deborah Frazier is the author of IT Outsourcing Secrets – A Small Business Guide to Compare IT Support Companies. With nearly 20 years’of experience consulting small and medium-sized businesses on their IT support needs, she brings a wealth of knowledge to INSI as Head of Marketing and Sales. If you like this article and want to be notified when a new article is posted, click here.