In Security, All Eyes Trained on Mobility

Posted by

Dec 28, 2015 5:27:26 PM

Google Logo
In Security, All Eyes Trained on Mobility

The data breach epidemic has raged on for years now, leading to massive increases in identity theft, corporate financial loss, government espionage and more. Although there is a proverbial universe of moving parts when it comes to the comprehensive protection of digital assets - including data, software, infrastructure, networks and the like - the focus has truly turned toward mobility given the much higher rates of attacks targeted at these devices. 

Despite all of the issues that have sprouted due to a lack of control and widespread allowance of personal device use, it appears as though companies are making the same mistakes again and again as time goes on. Security Intelligence reported that nearly two-thirds of organizations currently allow BYOD activity, but other research has shown that most devices, apps and users are not properly managed from a protective standpoint. 

What's more, mission-critical systems are increasingly accessible from personal devices, which could represent increased risk. For example, the news provider pointed out that 86 percent of businesses are allowing users to access email systems through their mobile devices, with many also enabling use of document management systems and cloud solutions. At the end of the day, this is a necessity, as mobility plays such a fundamental role in modern operations, but more must be done to secure these frameworks. 

If you want a rundown of some of the more prominent threats to mobile devices, apps and systems that have been around for a while now and remain active, check out this video from Caleb Barlow:

Small-business owners need to understand all of the risks involved in mobile activity, and remember that some of the more common and traditional tactics of hackers remain highly threatening today. With the right balance of security analysis and deployment of the necessary solutions, entrepreneurs can better defend their companies from the damages caused by a data breach. This begins with keeping track of valuable research conducted by leaders in the field. 

The health focus
Health care providers have become the most targeted entities with respect to hacking and insider threats due to the higher value of patient information on the black market than virtually any other type of data. Mobility has been a pervasive trend in the sector as well, meaning that medical firms are facing a more complex and challenging landscape when trying to balance security and user engagement. 

To assist the industry in making improvements, the National Science Foundation recently announced that it has been awarded a five-year, $10 million grant to study the entirety of mobility security trends, best practices and threats.

"In complex environments having to do with health, wellness and medicine, there are a lot of moving parts involving devices, software, wireless and wired communications, and other dimensions, which are rich in challenges for security, privacy and safety," Sol Greenspan, program officer for NSF, stated. "[This project] brings together expertise and resources to work on these challenges."

Dartmouth College computer science professor David Kotz will lead the research, accompanied by experts from Johns Hopkins University, Illinois-Urbana-Champaign, Vanderbilt University and the University of Michigan. 

Mobility needs to be a priority for IT security managers. Mobility needs to be a priority for IT security managers.

"Mobile medical applications offer tremendous opportunities to improve quality and access to care, reduce costs and improve individual wellness and public health," Kotz affirmed. "However, these new technologies, whether in the form of software for smartphones or specialized devices to be worn, carried or applied as needed, may also pose risks if they are not designed or configured with security and privacy in mind."

Applications, backend IT security, data protection, electronic medical record systems and more will be included in the study to ensure comprehensive results and insights for leaders in the health care arena. The objective is to identify the core issues that keep mobility security in a negative position for the health care industry, breaking down the matters into the simplest computer science-defined terms possible. 

"This project tackles many of the fundamental computer science research challenges to providing trustworthy information systems for health and wellness, as sensitive information and health-related tasks are increasingly pushed into mobile devices and cloud-based services," Kotz added. 

Business owners in any industry, regardless of which types of data they might manage, must ensure that they are taking similar, wide-reaching steps toward understanding their risks and mitigating them in stride, especially when it comes to enterprise mobility. 

"Authentication best practices have been at the center of IT discussions."

The path forward
Plenty of research has been conducted in the past few years to help business leaders better understand what needs to happen to shore up their defenses against mobile threats. One example relates to authentication best practices, which have been at the center of many discussions of late. Channelnomics reported that one study from Champion Solutions Group revealed that a mere 25 percent of respondents to its survey leverage multifactor authentication solutions. 

According to the source, 50 percent of the 447 technology-focused executives involved admitted to not having a comprehensive strategy in place to handle BYOD at all, adding insult to injury. Furthermore, the news provider pointed out that the traditional password is still the most common method of dictating access in mobile-enabled businesses, but these remain improperly managed and often rife with risks as a result. 

In small businesses, these types of matters can be exceedingly difficult - and sometimes impossible - to manage internally, and entrepreneurs might not have the budget to staff their IT departments fully with the employees necessary to do so. This is why managed services use can be so valuable in the realm of mobile security, general IT fortification and defense oversight, as it provides a more seamless path toward acquiring the intelligence necessary to succeed. 

With businesses continuing to take mobile-centric approaches to operational management and employee enablement, more will need to be done to protect these valuable assets and systems in the coming years. Entrepreneurs can better-position themselves for continuity of operations, strong brand image and resilience to breach by constantly evaluating and refining their protective measures, and taking the guidance of experts whenever possible. 

Topics: Featured