Despite the doom and gloom that some pundits have heaped on the mobile workforce, the mobilization of the modern enterprise shows no signs of stopping. The productivity benefits and cost savings are too compelling for many organizations to resist. And mitigating the risks isn't impossible for a knowledgeable security expert. Here are four mobile workforce security threats for you to keep in mind as you work with your customers.
1. Public or unsecure Wi-Fi
Mobilizing the workforce liberates employees to work anytime, anywhere, and in many cases from any device. All an information worker needs to stay in the loop and stay productive is a laptop, tablet, or smartphone and an Internet connection. And therein lies the rub. Public Wi-Fi connections are ripe for eavesdropping; a clever hacker can easily intercept any unsecured data traveling over such networks. Advise your customers to look into remote access VPNs and client-side data encryption technologies to prevent sensitive data from being stolen.
2. Mobile apps
Of particular concern in BYOD environments is the security of the applications employees install on their devices—especially the apps that they download on their own time, for their own personal use, rather than with the authorization of the IT department for professional use. The relative lack of barriers to entry for mobile developers means that the mobile markets are flooded with applications, not all of which are up to enterprise security standards. A compromised personal app can compromise any corporate data or credentials stored on the same device. Prepare to educate your customers on the benefits of containerization technologies to segregate personal and business data on BYOD devices.
3. Social media
Speaking of personal apps on employee devices, social media use remains one of the top threats to information security in BYOD organizations, for several reasons. Scammers looking to guess or steal information workers' corporate access credentials have become extremely sophisticated at using social media to achieve their goals, and the vast majority of people will have no idea how their passwords were guessed or their information stolen. (How many people realize what those "5 Things About Myself" quizzes can be used for?) In addition, malware spread through mobile platforms and across social media continues to proliferate. Mobile security software will help protect devices, but you should also educate your customers on the importance of training workers in safe social media use.
4. The mobile workers themselves
All of the above threats have something significant in common: the employees who use the mobile devices. In fact, when it comes to mobile workforce security, mobile workers are the biggest threat to enterprise information security—not due to malice, but simple lack of awareness. Organizations are becoming more proactive about developing safe Internet use policies, but in most cases, take an overly breezy, "Sign off on it and forget it" approach to communicating those policies. Offer to help your customers train their employees in mobile security best practices and guide your customers towards mobile management and security solutions with sophisticated monitoring and alerting capabilities to make enforcement easier.
There's no doubt about it, a mobile workforce is a more connected, more accessible, and more productive workforce. Unfortunately, a mobile workforce can also be a more risky workforce. Mobile workforce security demands both the right technology and the right employee education. Are you ready to steer your customers in the right direction to mitigate the risks of their mobile workforce and make the most of BYOD initiatives, safely?
What are some ways to do so? Please share in the comments here.