Four Steps to Address Security Concerns with Mobile Device Security
Three Hikvision Tips for Preventing Mobile Device Hacks
The Security magazine article, “Protect Your Enterprise by Setting Standards for Mobile Security,” outlines a multi-step plan to address cyber concerns with mobile device security.
From the article: “Without adopting even the most basic precautions to ensure they aren’t as susceptible to mobile security compromises, organizations large and small repeatedly make themselves a target to hacks—from cryptojacking to malware. While these organizations continue to focus on servers and personal computers as the top priority for protection, mobile devices remain in constant jeopardy to potential attacks.”
Four steps to prevent mobile device security concerns are:
- Assess the current security state by determining internal weaknesses and how to correct them to prevent a hack or compromise.
- Protect against threats by adopting measures such as two-factor authentication, limiting Wi-Fi access to only approved networks, or preventing employees from downloading unfamiliar apps to their devices.
- Enterprise security leads can enact controls to address potential concerns. Deploying mobile threat detection software will automatically scan for weaknesses or potential threats, according to the article.
- Ensure you have tools to respond quickly in the case of a cyberattack. The article suggests a policy to lock down employee personal information if an attack occurs, until the infected mobile device can be isolated.
The article reiterated that one single plan of action alone will not prevent security concerns. Instead, implementing a multi-step plan of action can help prevent and address threats.
Three Hikvision Tips for Preventing Mobile Device Hacks
Hikvision’s cybersecurity director, Chuck Davis, outlined advice for managing security concerns related to mobile devices in this article: “Cybersecurity Tips from Hikvision to Address Vulnerabilities, Insights for Mobile Device Security.”
“Today, organizational cybersecurity is challenging as many services and data are stored in third-party cloud environments, and laptops and mobile devices allow employees to work from anywhere in the world, when connected to the Internet,” said Davis, in the blog.
A few challenges with mobile device cybersecurity include:
- Companies don’t want to buy a mobile device for every employee and contractor.
- Many employees and contractors don’t want to have their employer install software on their personal mobile device.
- Many employees and contractors do not want to carry around two cell phones or mobile devices.
- Companies should not trust employees and contractors to properly secure data on their personal devices.
Davis recommends the following three tips to address mobile device security:
- Allow access to cloud services using strong, multi-factor authentication.
- Only allow registered hardware to access cloud services.
- Install a Mobile Device Management (MDM) tool on employee devices:
- This creates an encrypted section of storage that is used like a sandbox. The organization cannot see outside of the sandbox (i.e. employee personal photos or text messages) and vice versa. The organization can have business apps installed and stored, and if an employee leaves, the employer can delete all company data inside of the MDM sandbox.
- It enforces strong password access to the device (using a full password instead of a 4-digit pin).
- It can enforce biometric access where available.
- It can install a trusted certificate on the device to allow for encryption of storage and communication back to the organization’s intranet.