Think your enterprise mobile devices are secure? Think again. The devices your employees use for work purposes are treasure troves of sensitive information, writes DOROS HADJIZENONOS, Country Manager of Check Point South Africa.
Think your enterprise mobile devices are secure? Think again. The iOS and Android devices your employees use for work purposes are treasure troves of sensitive information, and it only takes one compromised device to put your business in a perilous predicament.
A 2016 survey of IT security professionals showed that 40% of organisations make BYOD available to all employees while 32% make it available to select employees. Workers use these same devices to download personal apps and emails – exposing your network to phishing scams and malware infections.
More than one billion Android mobile devices are not safe – and may never be. iPhones and iPads aren’t immune to risk either. In fact, there is a 50% chance that an organisation with more than 2,000 mobile devices has at least six infected devices.
Here are the five most common misconceptions about mobile security and how you can secure your mobile workforce.
1. Mobile isn’t a big problem
Firewalls and security infrastructures that protect PC desktops and laptops do not provide enough protection from mobile attacks.
Mobile attacks come from three primary sources: network attacks, infected apps and system exploits. While testing mobile security for prospective customers, Check Point regularly finds 5% to 20% of enterprise devices are already compromised. It takes only one compromised device to penetrate your security perimeter.
Discovering a breach takes an average of about six months, and a response to fix the breach another three months. This means that once a breach is detected, the damage is already done. Remediation can be costly, as is containing the damage to brand reputation. Even if the damage is under control, your company may not know vital trade secrets were compromised until your competitive advantage is suddenly lost.
2. MDM is enough
Many companies rely on basic mobile hygiene policies using mobile device management (MDM) or enterprise mobility management (EMM) solutions. Some augment these solutions with a hodgepodge of point solutions that offer incremental and often rudimentary enhancements.
These solutions help control damage inflicted by compromised devices and address many known threats, but are unable to detect recently created malware or new vulnerabilities in networks, operating systems and apps.
For example, gaining root access to a mobile device (also called “rooting” on Android or “jailbreaking” on iOS) enables cybercriminals to make a broad range of customisations and configurations to serve their objectives. MDM and EMM systems detect the existence of certain files in a system directory that enable root access by employing several methods, including static root indicators. However, free tools for Android and iOS devices are available for avoiding this type of detection. By changing root access indicators continually, cybercriminals can evade detection, and even deny root check requests from the EMM or MDM system, disabling detection entirely.
3. Secure containers are safe
Secure containers for data management platforms provide security inside the enterprise perimeter. However, mobile devices often access systems and apps like Salesforce, Oracle or SAP outside the perimeter. While these systems and apps have their own protections, network spoofs or man-in-the-middle attacks eavesdrop, intercept and alter traffic. Everything a user does, including entering passwords, could be intercepted by criminals, and used to breach the perimeter and to steal financial and personnel information.
Attackers often trick employees into logging into malicious sites. While users believe they’re interacting with a known and trusted entity in the cloud, the attacker takes over their device, copying credentials, snooping on instant messages, or stealing their sensitive information.
Corporate executives and employees sometimes save critical documents and sensitive information outside the secure container – using a cloud storage service to easily access while travelling or share with partners. Once compromised, attackers intercept these communications and access these important and sometimes confidential documents.
4. iOS is immune
Apple’s iOS is not immune to threats. Some organisations using MDMs unwittingly distribute infected apps to iPhones and iPads. Apps from unauthorised, unreliable app stores may also harbour viruses, and hackers even compromised Apple’s development tools, sneaking malware into new apps without the developers’ knowledge.
Check Point recently discovered a vulnerability found in iOS that exploits a loophole in the Apple Developer Enterprise program. The program lets organisations develop and distribute apps for internal enterprise use without publishing them on Apple’s App Store. These apps typically distribute quickly and directly to devices.
However, malicious apps can use this same method and enable criminals to stage man-in-the-middle attacks and hijack communications between managed iOS devices and MDM solutions. This type of exploit gives criminals control of the devices, the data that resides on them, and even enterprise MDM services.
Flaws in Apple’s enterprise app installation process allow the introduction of unverified code into the iOS ecosystem. MDM systems could end up being the distribution systems for the very malicious apps they are defending against. Without an advanced mobile threat detection and mitigation solution on your iPhone, you may never suspect that any malicious behaviour ever took place.
5. Mobile antivirus is all I need
Mobile antivirus solutions are limited compared to their PC cousins. They can uncover malicious code in apps by looking for unique binary signatures that identify known malware. However, criminals have found new ways to obfuscate those signatures, making them useless in the detection of mobile malware. Even a slight change in the code, such as adding a simple line that does nothing, changes the app’s signature and the new version of the malicious app will slip by undetected by the antivirus program.
Signatures are not available for “zero-day” (newly created) malware. To catch and block a virus, your antivirus program first must know that it exists. Even if updated daily, antivirus programs still couldn’t keep up with the onslaught of these attacks.
Secure your mobile workforce
Mobile devices require a new, intelligent approach to threat prevention. MDM and EMM protection and secure containers are not enough, and antivirus products cannot cope with new malware found every day. Even iPhones are not secure. The continuous, rising wave of attacks puts your company at serious risk.
You need a solution that continuously analyses devices, uncovering known and unknown vulnerabilities and criminal behaviour, by applying threat emulation, advanced static code analysis, app reputation, and machine learning.
Stop malware before it communicates with criminal servers, and detect threats at the device, app, and network levels. Always have an accurate picture of the threats and devices on your network and detailed information about risk mitigation.
Huawei goes ultra-premium
Porsche Design and Huawei have launched the Porsche Design Huawei Mate RS in South Africa exclusive to MTN and retailing for R 26 459.
The Porsche Design Huawei Mate RS boasts features like the world’s first dual fingerprint design, including an in-screen fingerprint sensor, the world’s first Artificial Intelligence (AI) processor and Leica triple camera with 40MP image capture.
“After the overwhelming success of the Porsche Design Huawei Mate 10 Pro in South Africa, we now bring you our latest offering, a perfect blend of innovation in a smartphone and luxury design,” said Likun Zhao, Vice President of Huawei Consumer Business Group Southern Africa. “From three-point security feature including facial recognition, rear fingerprint scanner and the new innovative in-screen fingerprint to the Leica triple camera system. it culminates in an unprecedented experience for our customers.”
The device incorporates Porsche Design’s signature design language and Huawei’s breakthrough technology. The phone has a 6” 2K curved OLED screen and symmetrical look, minimalist feel and 8-edged 3D curved glass body.
High performance is symbolised by the naming of the smartphone: the term “RS” in the world of Porsche motorsport stands for outstanding racing performance.
Huawei provided the following information on The Porsche Design Huawei Mate RS benefits and features :
· The world’s first dual fingerprint scanner for enhanced convenience, allowing users to wake and unlock the device simply, thanks to an in-screen fingerprint sensor. Hover to wake the device, touch to unlock it
· The winning combination of Leica triple camera with 40MP RGB sensor technology and exceptional photography powered by Master AI. This combination puts effortless, eye-catching photography at the fingertips of those looking to immortalise their favourite moments. Combined with 5 x hybrid zoom, and the world’s first AI image stabilisation on a smartphone camera ensures photography lovers can capture the best shots with exceptional clarity in almost any situation
· The Porsche Design Huawei Mate RS is the first Huawei handset to allow quick wireless charging, making it even easier to keep the phone topped up and ready to go and, thanks to its long lasting battery, users will easily be powered through the busiest of days
· An ‘intelligent’ smartphone, the powerful AI processor automatically tailors the performance of the phone according to how it is used – constantly learning, understanding and anticipating needs, it is the perfect personal assistant for the pocket
· 256GB of internal storage means those constantly on the go and constantly on their phone can be worry free
· Dual SLS (super linear system) speakers with DOLBY ATMOS enable users to have a superior experience, with the best immersive surround sound and entertainment on the go
· Splash, water and dust resistant, which means there is no need to worry about damaging the device in the rain or accidentally dropping it in water
Jan Becker, CEO Porsche Design Group, said: “Both Porsche Design and Huawei seek to imagine and develop products that stand for precision and perfection, intelligent functionality and highly sophisticated design. Our aim was to create an outstanding device that goes one step further. We believe we have reached this goal by taking our partnership to the next level.”
Porsche Design and Huawei have worked in tandem to develop a smartphone that fuses together the two brands’ DNA, wealth of experience in design and technology, industry-leading expertise and exceptional performance. Through the use of colour in the device’s body, software themes and accessories, the new handset is accentuated with Porsche Design’s distinguished aesthetic and purist, minimalist feel.
The Porsche Design Huawei Mate RS will be available to purchase exclusively from MTN at R 26 459.
Cross-channel chat launched
Clickatell has launched a cross-channel live chat service, Touch Go, that transforms omni-channel customer care.
It enables live chat across a company’s website as well as social platforms (Twitter and Facebook) and mobile apps, bringing customer care and engagement into a single business platform.
“Today’s consumers expect to engage with your brand on the digital channel of their choosing,” says Deon van Heerden, Clickatell Engage CEO and Group CFO. “They want to message your business and instantly have queries resolved, find the information and services they are looking for, without the need for a voice call. Clickatell’s Touch Go makes that happen with the right level of capabilities for businesses of all sizes.”
Businesses can start using Touch Go immediately, with a free Starter option. Touch Go requires no credit card for sign-up and is fully featured with a simple setup process. It offers customisable branding, a unified chat desk business application as well as reports and analytics.
As the business scales up its digital customer care, it can opt-in for the Touch Enterprise offering. Touch Enterprise is designed for scaling up customer care efforts through advanced capabilities including AI driven virtual agents, sentiment analysis, automated workflows, enterprise integrations and in-channel mini-applications.
“Customer care has become a defining factor for sustained business success ” says Nirmal Nair, Clickatell Engage EVP Product & Marketing. “In an ever-increasing mobile native world, customers often choose to interact digitally, but they also expect to be able to reach a human immediately, should they need. Monitoring multiple channels and providing immediate action becomes challenging with siloed deployments. Touch’s unified solution allows businesses of all sizes to provide the customer delight in a simple modular approach.”