The Verizon 2021 Mobile Security Index finds that forty percent said that mobile devices are the company’s biggest security risk; seventy-eight percent expected home working to remain high even when COVID-19 is no longer an issue, and seventy-five percent said that their business’s reliance on cloud-based apps is growing. Cybersecurity experts offer perspectives.
<p>Most IT departments are not structured to be mobilized. Sending a member of your IT staff out into the residences of employees to set up remote access, the availability of network library shares and FTP up/downloads is largely out of the question. Sadly, there are also no controls in place that would prevent kids from working on Dad\’s computer or losing his cellphone. The more local control you release by expanding the workplace beyond a secure, hard-wired network, the greater the security threats to your work environment, et al. Plan for it.</p>
<p>Remote work, Work From Home, teleworking, or whatever you want to call it, is here to stay. This means adjusting network defenses and security policies to support the transient nature of where people work from, regardless of which network they connect to. A secure edge architecture, where you can protect devices through micro-segmentation and manage security policies centrally, without necessarily owning the user\’s device is what security teams are looking for. Adding a layer of security and management to historically unmanaged BYOD is a huge step forward in adapting to the decentralized world of work we now live in.</p>
<p>An important point is this is not only about people using their own laptops or PCs to do their work – there is an increasing reliance on mobile apps running on mobile devices such as android phones, iPhones or iPads for all kinds of applications accessing sensitive corporate data</p> <p> </p> <p>A good example is in healthcare, where medical professionals used to access the medical and administrative applications they needed from within a trusted hospital network with trusted devices (owned and managed by the hospital), but with the explosion of virtual healthcare they are now accessing medical apps, medical devices and accessing sensitive patient data from apps on their own mobile devices while on the move or at home. This changing access profile means that mobile apps and their new APIs create a new attack surface for bad actors.</p>