According to Pew Research, 77% of Americans own a smartphone. And with the increasing affordability and accessibility of cloud technology for businesses small and large, a huge chunk of mobile users regularly connect to work from their devices.
Smartphones and tablets have improved business productivity tremendously, and as cloud specialists ourselves, we recommend mobile-optimized solutions on a daily basis. However, if those devices aren’t carefully managed, they can be one of the biggest security risks organizations face.
Let’s take a look at the top 10 reasons mobile devices make such easy targets.
#1 – Mobile users are more responsive
There was a wildly successful email scam in the spring of 2017 that was almost impossible to recognize by anyone who wasn’t an IT professional. It went undetected for several hours, and because mobile users routinely check emails on the go (and on average are 54% faster to respond to them compared with desktop users), they took the brunt of the attack.
Those without smartphones spent so much time away from their inbox that the whole thing had been dealt with by the time they saw the message.
#2 – Mobile devices are stolen more often than desktops
Consumer Reports found that more than five million smartphones and 600,000 laptops were stolen in 2014. In fact, mobile devices are so easy to walk off with that the majority of thefts happen between 12pm and 5pm. Furthermore, the office is the third most common location where phones are stolen!
#3 – WiFi networks are almost never free
From airports to downtown coffee shops, you’d be hard pressed to find a spot that doesn’t have a “free” WiFi network available. But even when your employees just need a quick connection to send a harmless Snapbookstagram photo, they’re exposing everything stored on their phones to hackers.
#4 – Mobile users have awful passwords
We’ve already covered what makes a strong password, but some of those guidelines are much more difficult to follow on a touchscreen. A study from Carnegie Mellon University School of Engineering found that users need 20% more time to type in a password on a mobile device than on a desktop, and they make twice as many mistakes. Usually, this means people lean toward mobile-friendly (Read: easy to exploit) passwords.
#5 – Out-of-date apps expose everything
Even if your employees are using the best software on the market, there’s no guarantee what the future holds. If a mobile user forgets to check for application patches, or if an app developer stops issuing updates, the entire phone is vulnerable to whatever cyberthreats have been released since the last patch. Considering the average American has over 90 apps installed on their phone, the likelihood that something is out of date is extremely high.
#6 – Outdated operating system
Can you remember the last time you updated your phone? Not the 90 apps you’ve downloaded to cure the boredom of your morning commute, we mean the phone itself. Between November 2017 and January 2018, Apple released seven updates to their mobile operating system. Can you guess how many included security patches? If you missed just one of them, your iPhone could be compromised.
#7 – Mobile malware is harder to recognize
Android and Apple devices have tightly regulated app stores, but they’re no Fort Knox. Despite how much users trust them, hundreds of apps are banished from app stores every year because they contained malware, and many of them are downloaded millions of times before being removed.
#8 – Awful QR codes
Quick Response codes are those awkward square-shaped barcodes that link to a URL or application. They’re perfect for two types of people: those who are too lazy to type in a web address, and those who want to commandeer your phone. Because there’s no way to know where a QR code links to before scanning it, all it takes is a convincing image promising a free car — and a hacker’s work is done.
#9 – “Smishing”
Smartphone users are susceptible to every kind of phishing scam, which is a scheme that criminals use to try to obtain sensitive information by disguising themselves as a trustworthy entity in some electronic communication. However, there’s one tactic that specifically targets smartphone users: smishing. It involves sending text messages that contain either dangerous links or requests for personal data — all under the guise of an important government or business matter.
#10 – Social Media
There are a million ways your employees’ social media habits can compromise security, but two stand apart from the rest. First, several platforms have location-sharing turned on by default, which makes a drunken 3am text an invitation to test the limits of point #2.
Point #2 is smartphone cameras are responsible for most of the photos posted to social media. And if you need to see how dangerous those can be, just check out what’s written on the post-it note in the background of this Hawaii Missile Alert Agency photo…
This may seem like a lot to worry about, but it’s not. With Mobile Device Management services from Spectrumwise, we can protect you from everything on this list with minimal input from your team. Our technicians have been providing fully managed IT solutions and support to Charlotte businesses for the past 17 years — give us a call today.