The TOP 10 BYOD Gotchas



Did you know? On any given day across the globe, the number of iPhones sold will exceed the number of babies born (378,000 to 371,000).



The problem is that mobile device security has not kept pace with mobile device crime. Criminals go where the money is, and the money is in mobility, so it’s vital to be aware of the risks. BYOD is a major paradigm shift. It's a battle in the ongoing war of security versus usability, and usability is winning.



These are the Top 10 BYOD Gotchas:

1) Most people have weak passwords on their devices, which makes them simple to hack. Moreover, mobile devices are easy to steal, and many hold unencrypted data.



2) Mobile devices are very often used to access social media, which is known to be a breeding ground for social engineering attacks that use shortened URLs. Personal and company information are mixed on these devices, making them an ideal infection vector and at the same time a flashpoint for data privacy legal conflicts.



3) BYOD multiplies the number of networks, applications, and end-points through which data is accessed. These are the three main points at which data is vulnerable; so, if left unmanaged, BYOD creates a huge data security risk.



4) Devices connect to unknown wireless networks that could be rogue access points capturing in-stream information. Bluetooth can also be used to hack into mobile devices.



5) No malware protection running on the device. Smartphones and tablets need antivirus/antimalware!



6) Evil apps downloaded by the user that allow location tracking and data exfiltration. Location tracking assists stalking and burglaries.



7) Employees jailbreaking phones increases the attack surface of the device and makes the devices malware magnets.



8) A recent study showed more than 70 percent of the devices examined contained high-level vulnerabilities in their operating systems and applications. End users do not patch mobile devices in time. See this infographic.



9) Only a small percentage of IT departments are completely aware of the mobile devices regularly accessing their networks. That makes it difficult to train employees in proper security protocols, which raises the danger of a damaging data breach occurring. Create and distribute an Acceptable Use Policy and give employees security awareness training.



10) Compliance - Certain international regulations and standards spell out requirements for how data is collected and stored, as well as how it must be made available for legal requests. There are potential compliance issues when it comes to employees storing enterprise data on their own devices.



11) Bonus! 'BYON' (Bring Your Own Network) - some devices have their own Wi-Fi hotspot, which bypasses the company network and its security measures altogether.













