Why mobile devices are weakest link

(Editor’s note: Mobile devices have become a primary targets for hackers and cyber criminals. In this guest essay, Rainer Enders, CTO of Americas at NCP engineering, explains why they’ve become the a weak link in network defenses.)

Mobile technology companies focus first and foremost on consumers rather than the corporate market. As such, most mobile operating systems lack many of basic security features. What’s more, with so many models from myriad manufacturers running on different versions of a platform such as Android, there is a glaring lack of consistency and basic security protocols.

Cyber criminals are targeting mobile devices more than traditional PCs, and, astoundingly, companies continue to let these devices run rampant and unmanaged on their networks.

No employee wants to be the one to unlock the door and let cyber criminals in. That, however, doesn’t stop it from happening. New research also shows that an estimated one million high-risk Android applications will get introduced into corporate networks this year.

Another recent study analyzed 2 million currently available Android apps, from both third parties and the Google Play store, classifying 293,091 as outright malicious and an additional 150,203 as high-risk. When you factor in iOS, Windows Mobile, BlackBerry and any other mobile platforms, the IT landscape is no longer centered on securing an exclusively Windows-based ecosystem.

Mobile security is a systemic problem, largely due to the business world’s inability to either comprehend or acknowledge that the status quo will no longer suffice. The only way to safely approach the use of smartphones, tablets and other mobile devices in the corporate sphere is to proactively manage how they are used.

Enterprises also cannot afford to continue the tried-and-no-longer-true practice of operating siloed security systems that react to attacks after they have already been hit. By then, it is too late. Instead, they need to bring together and connect the best of the best from all corners.

IT departments need to break these siloes open, integrate critical technologies with one another and educate the workforce in order to build in-depth mobile threat defense and response protocols. It has taken people far too long to connect the dots between mobile attacks in the last two years and how companies view IT security. If we are to stem the tide of mobile attacks, we’ve got to build a better dam.


Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone