Pervasive cloud access to corporate data and resources from any device is what users expect as it increases productivity and allows employees to connect from almost anywhere. However, companies should pay strict attention to security.
“However, this convenience can pose a cybersecurity risk for small businesses, warns IT security expert Lookout. If this risk is not mitigated, it can lead to data breaches. Attackers target employees on any device that can access sensitive data. Because cloud-based platforms enable device-independent data access, these attacks can target PCs, laptops, smartphones or tablets alike.” says Hendrik Schless, Senior Manager Security Solutions at Lookout.
Challenge 1: Protection of sensitive data
Protecting sensitive data from unauthorized users is one of the biggest challenges for businesses of all sizes, let alone small businesses with fewer resources. Recent trends in cyberattacks have shown that threat actors are targeting the data of every organization, in every industry and of all sizes. Small businesses are increasingly relying on cloud-based platforms like Google Workspace and Microsoft Office 365 so their employees can work how and where they want with trusted applications. Even if a small business does not have its own security team, data protection can be balanced with secure IT practices regarding user access to the infrastructure and the data it contains.
IT teams can achieve this by:
- Ensure all remote access policies cover all devices.
- Educate your employees on secure data security practices.
- Protect cloud data with a data loss prevention (DLP) strategy that can proactively identify and protect sensitive data.
Challenge 2: Prevent phishing attacks
Attackers targeting small businesses may primarily focus on stealing data through phishing attacks, since employees are likely not protected from these attacks on their mobile devices. Mobile phishing continues to be a major problem for organizations — especially those that allow their employees to use personal devices for work, and who could be vulnerable to phishing through private channels. These threats arrive via any app that has a messaging feature and often use social engineering, whereby attackers shorten or spoof URLs to make them appear more legitimate. Protection against mobile phishing threats is essential for any small business and is easy to implement even without a security team.
Some mobile security solutions offer a small business offering that covers key attack vectors, including phishing, without requiring a team to manage a complex backend.
Challenge 3: Prevent attempted apps
Malicious applications are a legitimate threat to small businesses that don't have the resources to conduct a thorough security audit. This is especially true for mobile apps, especially since users might unknowingly download apps that are loaded with malicious loader programs that, once installed, drag malware onto the device. Just as everyone knows that they have antivirus software installed on their PCs and laptops, every smartphone and tablet should also have malware protection.
In small businesses, proactive malware protection is critical to ensure employees and data are protected from threat actors.
Challenge 4: Block vulnerable devices
Vulnerable devices and software can be an easy gateway into an organization's infrastructure. Small businesses, in particular, are unlikely to have an overview of which vulnerable devices are present in their infrastructure.
This is another challenge that can be solved in line with similar IT best practices and doesn't necessarily require a full security team. The IT department should have an overview of the applications and devices used by employees. Knowing when updates are required is important to avoid exposing the organization to an attack.
More at Lookout.com
About Lookout Lookout co-founders John Hering, Kevin Mahaffey, and James Burgess came together in 2007 with the goal of protecting people from the security and privacy risks posed by an increasingly connected world. Even before smartphones were in everyone's pocket, they realized that mobility would have a profound impact on the way we work and live.