SlideShare une entreprise Scribd logo

6 Ways You May Be Losing Mobile Data - Symantec

David Martin
David Martin

Don't Lose the Data: Six Ways You May Be Losing Mobile Data and Don't Even Know It.

Technologie
1  sur  8
Télécharger pour lire hors ligne
WHITE PAPER: DON’T LOSE THE DATA: SIX WAYS YOU MAY BE LOSING . . . . . . . .DATA . . . . . . . . . . . . . . . . . . . . . . . . . . . . MOBILE . . . . Don’t Lose the Data: Six Ways You May Be Losing Mobile Data and Don’t Even Know It Who should read this paper CIO, CISO, VP IT Operations, Mobile Architect, Mobile Program Manager . This paper briefly reviews the top six threats to your mobile workforce, matching real-world hazards with really helpful ways you can take action and achieve the security your business requires.
Don’t Lose the Data: Six Ways You May Be Losing Mobile Data and Don’t Even Know It Content Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1. Device loss and theft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2. Data leakage. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 3. Malware and malicious attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 4. Shared devices and passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 5. Jailbreaking and rooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 6. Wi-Fi and wireless snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Don’t Lose the Data: Six Ways You May Be Losing Mobile Data and Don’t Even Know It Introduction When your workplace is mobile, will your business get carried away? The mobile devices your employees love to use on their own time have now also become the business tools they use on your dime. Our recent research tells the story: 65 percent of our surveyed companies give employees network access through their own devices; 80 percent of the applications these employees use are not based on-premise, but in the cloud; and 52 percent regularly use, not one, but three or more devices. Sure, these mobile devices – including smartphones, laptops and tablets – open up new opportunities for portable productivity. But by their very mobile nature, they also open new vulnerabilities: new ways to lose data, lose protection and lose confidence in the security of your company network. Fortunately, productivity and protection can travel together – if you fully understand what the risks are and what you can do to mitigate them. This paper briefly reviews the top six threats to your mobile workforce, matching real-world hazards with really helpful ways you can take action and achieve the security your business requires. 1. Device loss and theft The most obvious risk is often met with the most obvious response: anticipate replacing lost devices. But many working devices are owned by the employees themselves – the "bring your own device" phenomenon. More importantly, it's what is on the device, not the device itself, that truly matters. Every lost device is a potential portal to your company's applications and data. Think we're overstating the issue? In 2012, we put our concerns to the test. In a project we called, "Operation Honey Stick," we "lost" ten smartphones in each of five major cities: Los Angeles, San Francisco, Washington D.C., New York City and Ottawa, Canada. Every phone was loaded with simulated corporate data and applications, and then abandoned in high-traffic areas. In the plus column for humanity, attempts were made to return half of the 50 phones. But from there, the numbers reveal a much bleaker picture of human nature. On 89 percent of the devices, attempts were made to access personal apps or data – which suggests that even the erstwhile do-gooders were tempted to do some bad. A total of 83 percent showed attempts to access corporate-related apps or data. A "saved passwords" file was accessed on 57 percent of the phones; on 49 percent, finders took a poke at a "Remote Admin" app that simulated access to the corporate network. Lesson learned: instead of focusing on lost devices, companies need to protect sensitive data that could be potentially lost. Basic device management must be complemented with policies for app and data protection. At one level, this means having the ability to quickly locate lost devices and perform remote data wipes; for protection at a deeper level, businesses should secure apps and encrypt corporate data on the move. 2. Data leakage Much has been said about threats from "malevolent insiders" who deliberately seek out and share confidential business information. But the greater threat may be from benevolent, well-intended employees who use cloud-based services, such as email and online collaboration tools, to simply get more work done more quickly. On the ever-evolving pathway toward greater ease of use (also known as: "consumerization"), employees feel comfortable working with applications designed for the convenience of consumers, not for the security concerns of corporations. 1
Don’t Lose the Data: Six Ways You May Be Losing Mobile Data and Don’t Even Know It But once in the cloud, your business data may be beyond your control. The popular file-sharing and document editing programs employees like usually lack the access and authorization protocols businesses need for data protection. Without deliberate controls, data can "leak" out of the corporate IT sphere and into the less secure world of risks Appropriate app and data protection must take a two-pronged approach to security: 1) enforcement of an application blacklist that prohibits access to non-approved applications; and 2) deployment of controls that prevent business data from being copied, pasted and/or otherwise shared via online applications. Relevant app and data protection capabilities include: • App-specific authentication • Data encryption • Copy/paste blocking • Disabling document sharing • Blocking access to modified (rooted or jail-broken) devices 3. Malware and malicious attacks In hard numbers, many more malware attacks threaten PCs than mobile devices. But the amounts of attacks on mobile devices are growing at a much faster rate. While traditional IT professionals are not paying much attention to mobile malware, the bad guys see mobile as their next big growth opportunity. At risk: identity theft, information exposure and data loss incurred by malicious attacks from trojan horses, monitors, and malware hitchhikers. Of these, the biggest threat may be "spoofed" apps; under the camouflage of a popular game or application, and the lure of a free download, these apps sneak malicious code into the device that can skim money from accounts or extract data from business networks. So-called "security" freeware lacks sufficient brawn and brains to address constantly mutating malware and ever evolving efforts to break business data barriers. Truly effective threat protection must account for the variations in risk profile among different platforms, and apply coordinated action to secure business assets against external attacks, rogue apps, unsafe browsing, and even poor battery use. 4. Shared devices and passwords According to recently published studies, near half of all employees share their devices with friends and family; another 20 percent share their passwords. Unfortunately, casual sharing of accounts represents the majority of workforce security breaches. Protecting mobile devices means much more than applying a screenlock. Before users can access business data and applications, it may be prudent to authenticate their identities. Consider applying a two-factor approach to authentication – the key to successful user and app access management, and app and data protection – that combines something the user knows (like a password) with something the user has (such as a token, a fingerprint or a retinal scan). 5. Jailbreaking and rooting In a BYOD world, it's easy for an employee to introduce a "jail-broken"/"rooted" device into the corporate environment. Such device modifications can circumvent security protocols, uninstall security features, and open access to previously protected file systems and data controls. 2
Don’t Lose the Data: Six Ways You May Be Losing Mobile Data and Don’t Even Know It Businesses need to apply device management policies that apply consistent standards for configuration and security across all devices, whether they are owned by the company or the employees. Devices that have been modified should be identified and denied access to protect the corporate network. 6. Wi-Fi and wireless snooping If it's "free," it's probably fake; any hot spot that conspicuously calls itself "free" is likely to be fishing for data on the move. Users often do not recognize their vulnerability, and companies have no control or visibility into 3G, 4G and 4G LTE channels. Complete app, data, and device management policies should protect at two levels: • Communication, such as corporate email, through secure SSL or VPN connections • Encryption of corporate data when it is in transit and at rest within mobile devices To learn more about enterprise mobility that offers complete protection without compromising the user experience, visit http://go.symantec.com/mobility. 3
Don’t Lose the Data: Six Ways You May Be Losing Mobile Data and Don’t Even Know It About Symantec Symantec protects the world’s information, and is a global leader in security, backup, and availability solutions. Our innovative products and services protect people and information in any environment – from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our worldrenowned expertise in protecting data, identities, and interactions gives our customers confidence in a connected world. More information is available at www.symantec.com or by connecting with Symantec at go.symantec.com/socialmedia. For specific country offices Symantec World Headquarters and contact numbers, please 350 Ellis St. visit our website. Mountain View, CA 94043 USA +1 (650) 527 8000 1 (800) 721 3934 www.symantec.com Copyright © 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 1/2013 21283507

Recommandé

Symantec Infogrphic - SSL Certificate Management
Symantec Infogrphic - SSL Certificate ManagementSymantec Infogrphic - SSL Certificate Management
Symantec Infogrphic - SSL Certificate Management
David Martin
 
2014 Security Predictions from Symantec - Infographic
2014 Security Predictions from Symantec - Infographic2014 Security Predictions from Symantec - Infographic
2014 Security Predictions from Symantec - Infographic
David Martin
 
Malaware - Stay Ahead Of The Threats
Malaware - Stay Ahead Of The ThreatsMalaware - Stay Ahead Of The Threats
Malaware - Stay Ahead Of The Threats
David Martin
 
Abdomen agudo viral
Abdomen agudo viralAbdomen agudo viral
Abdomen agudo viral
jesus maza
 
Charting The Rise Of a CyberCriminal - Infographic
Charting The Rise Of a CyberCriminal - InfographicCharting The Rise Of a CyberCriminal - Infographic
Charting The Rise Of a CyberCriminal - Infographic
David Martin
 
Symantec Survey: Cybersecurity Threats! Are You Prepared?
Symantec Survey: Cybersecurity Threats! Are You Prepared?Symantec Survey: Cybersecurity Threats! Are You Prepared?
Symantec Survey: Cybersecurity Threats! Are You Prepared?
David Martin
 
Increasing Cyber Attacks On The Energy Sector
Increasing Cyber Attacks On The Energy SectorIncreasing Cyber Attacks On The Energy Sector
Increasing Cyber Attacks On The Energy Sector
David Martin
 
Smoothly Navigate Your Backup & Recover Environment - Infographic
Smoothly Navigate Your Backup & Recover Environment - InfographicSmoothly Navigate Your Backup & Recover Environment - Infographic
Smoothly Navigate Your Backup & Recover Environment - Infographic
David Martin
 

Recommandé

Symantec Infogrphic - SSL Certificate Management
Symantec Infogrphic - SSL Certificate ManagementSymantec Infogrphic - SSL Certificate Management
Symantec Infogrphic - SSL Certificate Management
David Martin
 
2014 Security Predictions from Symantec - Infographic
2014 Security Predictions from Symantec - Infographic2014 Security Predictions from Symantec - Infographic
2014 Security Predictions from Symantec - Infographic
David Martin
 
Malaware - Stay Ahead Of The Threats
Malaware - Stay Ahead Of The ThreatsMalaware - Stay Ahead Of The Threats
Malaware - Stay Ahead Of The Threats
David Martin
 
Abdomen agudo viral
Abdomen agudo viralAbdomen agudo viral
Abdomen agudo viral
jesus maza
 
Charting The Rise Of a CyberCriminal - Infographic
Charting The Rise Of a CyberCriminal - InfographicCharting The Rise Of a CyberCriminal - Infographic
Charting The Rise Of a CyberCriminal - Infographic
David Martin
 
Symantec Survey: Cybersecurity Threats! Are You Prepared?
Symantec Survey: Cybersecurity Threats! Are You Prepared?Symantec Survey: Cybersecurity Threats! Are You Prepared?
Symantec Survey: Cybersecurity Threats! Are You Prepared?
David Martin
 
Increasing Cyber Attacks On The Energy Sector
Increasing Cyber Attacks On The Energy SectorIncreasing Cyber Attacks On The Energy Sector
Increasing Cyber Attacks On The Energy Sector
David Martin
 
Smoothly Navigate Your Backup & Recover Environment - Infographic
Smoothly Navigate Your Backup & Recover Environment - InfographicSmoothly Navigate Your Backup & Recover Environment - Infographic
Smoothly Navigate Your Backup & Recover Environment - Infographic
David Martin
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Product Anonymous
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
Nanddeep Nachan
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
MadyBayot
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
apidays
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
sudhanshuwaghmare1
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
The Digital Insurer
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Rustici Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Zilliz
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Andrey Devyatkin
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
MIND CTI
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
The Digital Insurer
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
Dropbox
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Juan lago vázquez
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
danishmna97
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
 

Contenu connexe

Dernier

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 

Dernier (20)

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 

En vedette

How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 

En vedette (20)

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

6 Ways You May Be Losing Mobile Data - Symantec

  • 1. WHITE PAPER: DON’T LOSE THE DATA: SIX WAYS YOU MAY BE LOSING . . . . . . . .DATA . . . . . . . . . . . . . . . . . . . . . . . . . . . . MOBILE . . . . Don’t Lose the Data: Six Ways You May Be Losing Mobile Data and Don’t Even Know It Who should read this paper CIO, CISO, VP IT Operations, Mobile Architect, Mobile Program Manager . This paper briefly reviews the top six threats to your mobile workforce, matching real-world hazards with really helpful ways you can take action and achieve the security your business requires.
  • 2.
  • 3. Don’t Lose the Data: Six Ways You May Be Losing Mobile Data and Don’t Even Know It Content Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1. Device loss and theft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2. Data leakage. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 3. Malware and malicious attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 4. Shared devices and passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 5. Jailbreaking and rooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 6. Wi-Fi and wireless snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
  • 4. Don’t Lose the Data: Six Ways You May Be Losing Mobile Data and Don’t Even Know It Introduction When your workplace is mobile, will your business get carried away? The mobile devices your employees love to use on their own time have now also become the business tools they use on your dime. Our recent research tells the story: 65 percent of our surveyed companies give employees network access through their own devices; 80 percent of the applications these employees use are not based on-premise, but in the cloud; and 52 percent regularly use, not one, but three or more devices. Sure, these mobile devices – including smartphones, laptops and tablets – open up new opportunities for portable productivity. But by their very mobile nature, they also open new vulnerabilities: new ways to lose data, lose protection and lose confidence in the security of your company network. Fortunately, productivity and protection can travel together – if you fully understand what the risks are and what you can do to mitigate them. This paper briefly reviews the top six threats to your mobile workforce, matching real-world hazards with really helpful ways you can take action and achieve the security your business requires. 1. Device loss and theft The most obvious risk is often met with the most obvious response: anticipate replacing lost devices. But many working devices are owned by the employees themselves – the "bring your own device" phenomenon. More importantly, it's what is on the device, not the device itself, that truly matters. Every lost device is a potential portal to your company's applications and data. Think we're overstating the issue? In 2012, we put our concerns to the test. In a project we called, "Operation Honey Stick," we "lost" ten smartphones in each of five major cities: Los Angeles, San Francisco, Washington D.C., New York City and Ottawa, Canada. Every phone was loaded with simulated corporate data and applications, and then abandoned in high-traffic areas. In the plus column for humanity, attempts were made to return half of the 50 phones. But from there, the numbers reveal a much bleaker picture of human nature. On 89 percent of the devices, attempts were made to access personal apps or data – which suggests that even the erstwhile do-gooders were tempted to do some bad. A total of 83 percent showed attempts to access corporate-related apps or data. A "saved passwords" file was accessed on 57 percent of the phones; on 49 percent, finders took a poke at a "Remote Admin" app that simulated access to the corporate network. Lesson learned: instead of focusing on lost devices, companies need to protect sensitive data that could be potentially lost. Basic device management must be complemented with policies for app and data protection. At one level, this means having the ability to quickly locate lost devices and perform remote data wipes; for protection at a deeper level, businesses should secure apps and encrypt corporate data on the move. 2. Data leakage Much has been said about threats from "malevolent insiders" who deliberately seek out and share confidential business information. But the greater threat may be from benevolent, well-intended employees who use cloud-based services, such as email and online collaboration tools, to simply get more work done more quickly. On the ever-evolving pathway toward greater ease of use (also known as: "consumerization"), employees feel comfortable working with applications designed for the convenience of consumers, not for the security concerns of corporations. 1
  • 5. Don’t Lose the Data: Six Ways You May Be Losing Mobile Data and Don’t Even Know It But once in the cloud, your business data may be beyond your control. The popular file-sharing and document editing programs employees like usually lack the access and authorization protocols businesses need for data protection. Without deliberate controls, data can "leak" out of the corporate IT sphere and into the less secure world of risks Appropriate app and data protection must take a two-pronged approach to security: 1) enforcement of an application blacklist that prohibits access to non-approved applications; and 2) deployment of controls that prevent business data from being copied, pasted and/or otherwise shared via online applications. Relevant app and data protection capabilities include: • App-specific authentication • Data encryption • Copy/paste blocking • Disabling document sharing • Blocking access to modified (rooted or jail-broken) devices 3. Malware and malicious attacks In hard numbers, many more malware attacks threaten PCs than mobile devices. But the amounts of attacks on mobile devices are growing at a much faster rate. While traditional IT professionals are not paying much attention to mobile malware, the bad guys see mobile as their next big growth opportunity. At risk: identity theft, information exposure and data loss incurred by malicious attacks from trojan horses, monitors, and malware hitchhikers. Of these, the biggest threat may be "spoofed" apps; under the camouflage of a popular game or application, and the lure of a free download, these apps sneak malicious code into the device that can skim money from accounts or extract data from business networks. So-called "security" freeware lacks sufficient brawn and brains to address constantly mutating malware and ever evolving efforts to break business data barriers. Truly effective threat protection must account for the variations in risk profile among different platforms, and apply coordinated action to secure business assets against external attacks, rogue apps, unsafe browsing, and even poor battery use. 4. Shared devices and passwords According to recently published studies, near half of all employees share their devices with friends and family; another 20 percent share their passwords. Unfortunately, casual sharing of accounts represents the majority of workforce security breaches. Protecting mobile devices means much more than applying a screenlock. Before users can access business data and applications, it may be prudent to authenticate their identities. Consider applying a two-factor approach to authentication – the key to successful user and app access management, and app and data protection – that combines something the user knows (like a password) with something the user has (such as a token, a fingerprint or a retinal scan). 5. Jailbreaking and rooting In a BYOD world, it's easy for an employee to introduce a "jail-broken"/"rooted" device into the corporate environment. Such device modifications can circumvent security protocols, uninstall security features, and open access to previously protected file systems and data controls. 2
  • 6. Don’t Lose the Data: Six Ways You May Be Losing Mobile Data and Don’t Even Know It Businesses need to apply device management policies that apply consistent standards for configuration and security across all devices, whether they are owned by the company or the employees. Devices that have been modified should be identified and denied access to protect the corporate network. 6. Wi-Fi and wireless snooping If it's "free," it's probably fake; any hot spot that conspicuously calls itself "free" is likely to be fishing for data on the move. Users often do not recognize their vulnerability, and companies have no control or visibility into 3G, 4G and 4G LTE channels. Complete app, data, and device management policies should protect at two levels: • Communication, such as corporate email, through secure SSL or VPN connections • Encryption of corporate data when it is in transit and at rest within mobile devices To learn more about enterprise mobility that offers complete protection without compromising the user experience, visit http://go.symantec.com/mobility. 3
  • 7.
  • 8. Don’t Lose the Data: Six Ways You May Be Losing Mobile Data and Don’t Even Know It About Symantec Symantec protects the world’s information, and is a global leader in security, backup, and availability solutions. Our innovative products and services protect people and information in any environment – from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our worldrenowned expertise in protecting data, identities, and interactions gives our customers confidence in a connected world. More information is available at www.symantec.com or by connecting with Symantec at go.symantec.com/socialmedia. For specific country offices Symantec World Headquarters and contact numbers, please 350 Ellis St. visit our website. Mountain View, CA 94043 USA +1 (650) 527 8000 1 (800) 721 3934 www.symantec.com Copyright © 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 1/2013 21283507