Malware continues to become a growing and increasingly costly risk to mobile users today, with one in every 30 mobile browsing transactions, and one in every seven mobile app sessions proving to be potentially harmful. In fact, roughly 5.9 percent of subscribers encounter a risky website every day and are transmitted through URLs and mobile apps that mobile users access daily according to our recent research. Even more concerning is that teens and children populations are especially vulnerable as the proliferation of mobile devices, online and app activity increase dramatically. And because mobile is ingrained in all we do and how we live, it’s become increasingly difficult to identify and mitigate the growing volume of attacks targeted at this vector.
While there are vendors out there who represent various parts of the ecosystem and focus on everything from mobile device management (MDM) to endpoint security, communication service providers (CSPs) are in a unique position in the industry because they are at the heart of the digital experience and can stop threats at the network level. CSPs have access to a goldmine of network user data that can be used to better understand a range of user profiles when it comes to risky behavior. When armed with relevant data, CSPs can gain insights into who might be most susceptible to engaging with sites that may contain malware, spyware or phishing scams, and intervene with network-based solutions that can minimize that user’s specific risks. By offering network-based security services, CSPs have the opportunity to provide added value to their subscribers and protect users based on their personal mobile habits and behaviors. At the same time, they gain a unique opportunity to monetize the network, increase ARPU and even reduce churn.
What’s the big deal?
In large part, mobile security is an afterthought for consumers and business people who don’t have the time to manage multiple subscriptions, update to the latest software version or worry about where they click (even if it appears to be from someone you trust). As opposed to the case for fixed networks, while some regulators already require mobile operators to provide basic security against mobile malware, a large majority do not. And while every mobile user is at risk of security threats, no two users are alike in their risky behavior and in turn, the security measures needed for them to remain safe.
What user profiles are at the greatest risk?
We found that on average, mobile subscribers have about 72 interactions on three different websites on any given day. Whether it be a social networking platform, a trending game, news application or e-commerce website, every time a user touches content on a website or mobile app, they’re leaving themselves vulnerable to attack.
The key to understanding who is at risk is the ability to accurately identify profile groups that represent common mobile user perceptions, expectations and behaviors. Segmenting mobile subscribers by demographics and usage classifications can help CSPs to determine the types and level of security risks each unique customer might encounter within the network as they go about their typical daily business.
When you get down to the data, there are some interesting trends around which profiles are at greatest risk – and it might not be who you most expect. According to the latest research conducted by Allot Communications, business people display the riskiest online behavior, with 79 percent of businessmen and 67 percent of businesswomen utilizing potentially risky mobile apps on a daily basis. These numbers are followed closely by youths and millennials, 67 percent of which also access questionable apps on a regular basis, putting their mobile devices and personal information at risk. While mobile app downloads are oftentimes protected, their outgoing use is not, fooling certain users into believing they are accessing harmless apps when in truth, they are leaving themselves susceptible to mobile threats with each and every use. Take clicking a link on a social site like WhatsApp for example; while the app download itself is protected, accessing that outside link may not.
Why is this important?
More and more, CSPs are faced with the task of keeping their subscribers secure from the oncoming slew of cyber threats that continue to increase both in size and sophistication. Fortunately, CSPs can be highly effective when it comes to halting cyber attacks. In the face of widespread, emerging, and more persistent online threats, operators can utilize subscriber data to protect users from malware and other Internet-borne threats that can harm reputation and productivity, damage mobile devices, comprise personal data, and cause financial loss.
When armed with relevant data and information surrounding customer behavior — for example, knowing if the user is a business woman on the go or a child accessing educational apps — CSPs are able to engage with subscribers to identify how to minimize their specific security risks. With the insider knowledge available through subscriber data comes the ability to offer individualized security services to protect subscribers from harmful malware. CSPs can provide services anywhere from network-based anti-malware to parental controls to protect consumers against cyber attacks that can cause the loss of personal and professional content. For example, rather than providing security per app, safeguarding users at the network level allows security measures to provide a protective blanket for all mobile online activity.
With access to a user’s unique mobile preferences and use cases, and the ability to analyze each individual, CSPs are better positioned than ever to protect their subscriber base. This not only secures the users themselves, but also gives CSPs a competitive advantage over other providers that may not be utilizing this critical user data to fight off threats to user privacy and content. By analyzing network data, filtering users into highly targeted categories, and offering network security that provides an umbrella over users’ complete online activity, CSPs are given a major advantage when it comes to thwarting off cyber crime in their networks and keeping users consistently protected in the face of malware.
[su_box title=”About Yaniv Sulkes” style=”noise” box_color=”#336588″][short_info id=”66275″ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.