Forget the solar eclipse — these 3 mobile security eclipses are just as time-sensitive
With the solar eclipse right around the corner, many people are gearing up for something they haven’t seen in decades — or ever. This will be the first total eclipse visible from the continental US in 38 years. On Monday, Aug. 21, everyone in North America and parts of South America, Africa and Europe will see at least a partial eclipse, while those in the thin “path of totality” will witness the whole thing, according to NASA. However, as with any solar eclipse, not everyone on the globe can see the phenomenon this time around.
When it comes to your mobile strategy, there could be hidden security threats that aren’t visible to you right now, but that doesn’t mean they aren’t there. Mobile technology evolves quickly — faster than traditional IT departments can adapt their protocols — often creating dangerous gaps in security. At the same time, cybercriminals are getting smarter and their attacks are getting more sophisticated. This makes it hard to protect a company’s data across all the devices, internet connections and cloud software-as-a-service (SaaS) applications that tap into it. Case in point: Bloomberg reports US companies and government agencies suffered a record 1,093 data breaches last year, up 40 percent from 2015.
What are the security eclipses in your enterprise mobile strategy you need to shed light on? Beware and prepare for these three dark places:
1. Shadow IT
The combination of cloud SaaS and mobility makes teams more productive and more collaborative, so it’s no wonder workers are clamoring for better technology to do their jobs. The problem is they’re going around IT — and enterprise security protocols — to do it.
The average company now uses 1,427 cloud services, according to Skyhigh Networks. Very few companies have the IT resources to properly vet so many third-party cloud vendors or properly integrate those tools into the secured enterprise technology stack. In fact, Gartner predicts 27 percent of corporate data traffic will bypass perimeter security by 2021 and flow directly from mobile and portable devices to the cloud.
The solution: to rein in shadow IT and minimize associated risks, IT organizations are suggested to proactively recommend cloud services that meet both business and security objectives. At the same time, they can use identity-as-a-service solutions to secure cloud services and reveal the use of unsanctioned SaaS applications.
2. The void outside your firewall
Even IT-approved cloud services can threaten enterprise security when they’re accessed insecurely. Your IT professionals know better than to use an open wireless network, but many of their colleagues are in the dark about security best practices.
In fact, according to a recent Bitglass study, one in five people surveyed over a 10-hour sample period put their mobile devices and corporate data at risk by using public wifi hotspots.
The solution: educate employees about safe internet practices, while also using mobile device management solutions to containerize, encrypt and lock down your most sensitive corporate data.
3. Nooks and crannies of your mobile apps
For most companies, app development is now a major component of the enterprise mobile strategy. As IT departments and third-party developers struggle to meet company-wide demands for new custom or hybrid apps, many employees are taking matters into their own hands and developing shadow apps using plug-and-play cloud services. This helps speed innovation, but if these apps access corporate data, they can also leak it. And, even apps built by IT pros can become buggy and glitchy over time.
According to a 2017 study by the Ponemon Institute, 11 percent of IT security professionals know with certainty that their organizations have experienced security breaches because of mobile apps. Another 15 percent said this was “most likely” the case, while 34 percent said it was “likely.”
The solution: to keep your apps from leaking sensitive data, both your senior and junior developers need a secure platform for app development, back-end integration, monitoring and maintenance.
Your organization now has a 2 6 percent chance of experiencing a material data breach according to another study by the Ponemon Institute and IBM. Such a breach won’t just cost you money. Financial losses are often eclipsed by the loss of customer trust and loyalty — and subsequently, their business.