We all use mobile technology, but are we safe?
When it comes to business, no brand is mobile-tech free. We not only have our own mobile technology, but most offer it to consumers, so are we handling the data properly?
There are hundreds of security questions that must be considered, so we’ve asked Andrew Hoog, Co-Founder and CEO of NowSecure to narrow it down for us.
In his own words below, he explains why this matters to brands of all sizes, and what questions you must ask yourself and your company right now:
Your organization’s mobile environment
Mobile has greatly increased the number devices that threaten organizations – large and small. Any device that touches a company’s mobile ecosystem can impact its security – including company-owned, employee, vendor and customer devices.
In addition to devices, user activity and actions on those devices significantly impact the overall health of an organization’s mobile environment. In fact, a study by NowSecure revealed that 43% of smartphones don’t have a password, PIN or pattern lock on their device and 50% connect to unsecured WiFi at least once a month. If that wasn’t scary enough, 48% of mobile apps on any given device have at least one major security vulnerability that either leaks sensitive data or allows unauthorized access to sensitive data.
Protecting an organization from mobile threats requires being proactive, unrelenting and knowledgeable about the threat landscape and the solutions that work. Mobile devices require a different type of incident response and businesses need to ask the right questions in order to prevent a devastating attack before it ever happens.
Below, the mobile enterprise security experts at NowSecure have highlighted the 10 most important questions any business should be asking about how secure their mobile ecosystem really is and what measures they have in place to protect their mobile data and prevent attacks.
10 Questions you should ask about mobile security:
- Do the apps you or your outside agency develop follow best practices for security?
- Do you have visibility into the security of the mobile devices impacting your organization?
- Is mobile security testing built in to your app development lifecycle?
- How secure are the third-party mobile applications on enterprise-connected devices?
- Are your employees trained on mobile security best practices?
- Are there any restrictions in place to the kinds of company data that may be accessed by employees using their personal mobile devices?
- Does your company have a comprehensive mobile incident response strategy in place?
- Does your mobile security strategy address the unique challenges of the technology, or is it really just a repurposing of your traditional computing security solution?
- How do you keep up to date with of the latest known mobile security vulnerabilities?
- What criteria and analytics do you use to perform quantitative mobile risk assessment evaluations?