Bank robbing used to be easy. If you could get past the main vault, you could get instant access to all the cash. Within today’s modern banks, the vault’s exterior provides just one layer of perimeter security. Now banks incorporate an assortment of other layers of security, such as safety deposit boxes, which make accessing everyone’s cash at once incredibly difficult, if not nearly impossible. (more…)
A decade ago, Windows machines were perceived as the target of all malware. Today, malware is a threat to all platforms. Rather than one popular operating system being inherently more secure than another, it seems malware increases in tandem with the OS’s use. The more popular it becomes, the more targeted it is, and the more vulnerabilities are found.
Today, our smartphones connect us with social media accounts, banking services, and retailers. The important question for a mobile device is not just whether its operating system is secure, but whether it has an effective security patching strategy for when (not if) the latest malware eludes a device’s safeguards. Even mobile and desktop operating systems designed with security first have had problems that called for this kind of effective update management.
Security in the mobile world
The mobile device market is dominated by two operating systems. Android owned 81.5 percent of the market in 2014, compared to 14.8 percent for iOS (not unlike the Windows and OS X situation of years ago).
However, only Apple can patch its mobile operating system similar to the way desktop OS manufacturers patch security holes and shortcomings. Android’s openness is a strength, but also its greatest security weakness because Google doesn’t have the last say when distributing security updates and patches – the OEMs and service providers hold that power. In addition, controls that block the installation of unknown, third-party software are easily circumvented, providing an easy avenue of attack for cybercriminals.
Unsurprising then is our finding that the vast majority of mobile malware — 99 percent in fact — targets Android devices. The number of attacks and different kinds of mobile malware are growing at a staggering pace, and in 2014, the number of mobile malware attacks against Android more than quadrupled, affecting about one in five Android devices.
Most people aren’t aware that Google is virtually powerless to stop malware from compromising an Android device, unless the program comes through the Play Store. Only a small percentage of users are aware that mobile malware even exists and that they need protection software to defend against it. When you consider that mobile devices now often store critical information – credit card numbers, online banking logins, etc. – and are more vulnerable to a host of attacks, it’s critical to defend devices against malware.
Though we have battled malware on desktop operating systems for years, there’s still room for progress in some areas on mobile. Most users don’t get updates in time, or at all. Plus, users are installing unknown, third-party software left and right, but have no controls (e.g., security software) in place to detect malicious apps or activity.
Complicating matters is Apple’s controls for iOS. It’s true that software sources are more tightly controlled through the App Store, but protection software is banned, and it’s unclear how often iOS devices are compromised.
Moving toward better mobile security
Understanding the current threats to your mobile device is key. No matter what kind of mobile device you use, you must realize the importance of the data on it, and exercise commensurate caution when installing apps, opening URLs, or choosing whether to enable encryption.
If you are using an Android device, there is a significant chance (one in five, likely more) that you will be targeted by malware in the next year. This malware will likely try to steal financial information from your device, or abuse it in a way that hurts you financially. And it’s very likely that we’ll see even more ransomware – software that encrypts your files with an encryption key that will be revealed only after the payment of a ransom – being targeted at Android users.
To effectively protect a device from these threats, first pick an Android device whose updates are handled directly by Google, and make sure updates are installed when available. It’s also advantageous to block the downloading of third-party applications and install protection software that can ward off any malware.
If you are using an iOS device, you are likely safe — for now. If you install updates as soon as they are available, and avoid downloading and installing apps you don’t trust, there’s a very small chance you’ll be subject to malware attacks in the near future. But as iOS increases in market share, so will the number of potential malware attacks.
About the author
Michael Canavan is the Vice President, Sales Engineering, Kaspersky Lab North America. He is responsible for overseeing all pre-sales systems engineering activities in the region, including North America B2B sales product training, which includes a standardized onboarding initiative for the sales team as a whole, guiding senior sales management regarding technology and solutions, and acting as a solution evangelist for North America B2B sales both internally and externally. Michael brings more than a decade of engineering experience to his role. Prior to joining Kaspersky Lab in 2010, Michael held various roles at Trend Micro in Sales Engineering and Product Management.
When approached to try design work on a Surface Pro 3, my feelings were mixed. I was excited to test this Microsoft tablet, which just celebrated its one-year anniversary, but my glass-half-empty mindset made me wonder if it might be inconvenient to set aside a powerful laptop workstation and work on a smaller device.
After years of learning to use a mouse and keyboard — instead of my hands — for creative expression, I admittedly started slow with the Surface Pro 3’s pen and touch screen. I connected the Surface into the dock, and hooked up my keyboard and mouse to replicate the setup I was used to. When I finally braved tablet mode and got more comfortable working with the device, I started to recognize its benefits.
Here’s what I was working with, and my impressions after a few weeks with the Surface Pro 3. (more…)
The Third Platform, the next phase of the IT revolution, has arrived. While the First platform was the mainframe computer and the Second was built on servers and PCs, the Third Platform is a puzzle of new technologies — social networking, cloud services, and big data analytics — run on mobile devices.
Industry analysts and researchers have noted the impact of these technologies on business. This “Nexus of Forces” is the new platform for digital business, and is transforming how businesses interact with their customers.
Business requires innovation to survive. Simply maintaining “business as usual” threatens even the largest, most established brands. The Third Platform offers the innovation organizations need in four main components – mobile, social media, the cloud, and big data — all of which are spurring growth, strengthening relationships, and improving competitiveness. IT departments, whose role typically involves overseeing the legacy IT resources, and executives planning for the future will need to fully embrace these ideas in order to stay relevant. (more…)
Big business likes Apple — most smartphones and tablets used in the corporate world bear the Apple logo (72 percent and 90 percent respectively). But deploying hundreds or thousands of those mobile devices can be a logistical headache for any IT department.
Throughout the last few months, I’ve helped numerous organizations solve this problem by tapping Apple’s Device Enrollment Program (DEP), a specific method of gatekeeping Apple’s mobile and tablet devices. Each DEP rollout reinforces four thoughts in my mind, lessons I’ve learned along the way that can benefit every company considering a DEP deployment. Take a look. (more…)
From national chains to neighborhood shops, retailers understand that tablets can greatly enhance shopper experiences and they continue adopting this technology in store. Tablets and their applications possess such potential for changing the way people shop and spend that eventually all stores will be connected.
Today’s shoppers are more knowledgeable than ever before, and they’re demanding in-store, experience-altering technology – digital price tags that reflect price changes, kiosks that provide assistance and deals, and mobile checkouts, for example. Retailers are appealing to these shoppers with tablets, and are using these devices to interact with shoppers and to drive sales.
Here are five ways retail stores are creatively using tablets to reach today’s shoppers: (more…)
A recent study by IDC found that more than 80 percent of document work is still not digital, with documents being printed often, especially when signatures are required. For today’s increasingly mobile workforce, the need to print documents can hamper business productivity.
In a move that aims to eliminate the hardships of working with digital documents and the need for paper, Adobe is introducing new software that makes it easier to handle important documents in the office, at home, or on the road. Working with PDFs has never been easier.
Adobe Document Cloud (DC) is a new cloud-based management hub that organizations can employ to create, review, approve, store, sign, and track documents. Acrobat DC offers dozens of new features for managing and working in PDFs that allow workers to create and manage documents from anywhere — a new touch-screen interface, digital editing functionality, e-signature capabilities, and more. (more…)
It’s the beginning of a new year, and organizations are rolling out new IT initiatives and goals for the next 12 months. If that means a migration to iPads or iPhones or a refresh of your current Apple devices, you have a new option on the table to quickly and efficiently deploy them under an MDM solution.
Apple now allows select third-party resellers to offer Device Enrollment Program (DEP) to their business customers, giving organizations new options for device deployment and management. Organizations can now receive the benefits of DEP, including full hardware set up and configuration, software installation, and support, without going through Apple.
After enrolling in DEP with assistance from a third party, commercial organizations can more easily set up and deploy devices and guarantee the proper safety protocols are in place, without the legwork that often complicates mass deployments. At this time, education institutions can enroll in DEP, but must enroll through Apple. (more…)
The needs of working professionals that are frequent flyers are unique, so what’s the perfect gift for them this holiday season? Probably not more snack baskets of cookies, cheeses, jams, and chocolates.
Instead, get a gift that every business traveler can use. What does a professional really need when they’re on the road? They need power and performance, but without sacrificing space in the overhead compartment, and while looking the part too. But hurry, time is running out, so splurge on the business professional on your Christmas list and upgrade the mundane essentials they already use with these practical and powerful last-minute gift ideas. (more…)
Cloud security has been a top concern ever since organizations first began to shift data into the cloud and away from on-premises solutions.
While many cloud providers offer robust enterprise capabilities, including encrypted content, passcodes, and mobile device management, many can still fall victim to a serious security risk: data leakage.
In an age where organizations and employees muddle the boundary between personal and private devices, employees can often access or transfer data to their unmanaged and unprotected devices. Providing employees with the ability to transfer and share sensitive data significantly increases the risk of data leakage.
The cloud leakage problem is one of the greatest threats to enterprise content security. While many cloud solutions secure enterprise content within the cloud infrastructure, they often lack the controls necessary to keep mobile users from downloading and walking away with critical information on personal, unsecured devices. However, there are powerful mobile security solutions that provide extra security for content in and out of the cloud. Here are the top five features companies must look for when choosing a mobile security solution that ensures content is secure.
Email protection — One of the easiest ways for employees to compromise content is by emailing secured cloud data to themselves on unprotected, personal email accounts. This not only leaks corporate content outside of an organization, but places it at greater risk of external hacks. Find a mobile security solution that can rein in rogue emailing and button up this source of content leakage by allowing only managed devices to synchronize with and download content from the cloud. These solutions also enable IT teams to monitor downloaded content, further securing your data.
Download prevention — The advent of the cloud means IT can no longer contain sensitive content behind four walls, and managing what devices can access company data has its limits with some cloud solutions. The easiest way to prevent employees from downloading sensitive data to personal devices is by forbidding external downloads onto unsecured devices altogether. But with some services, users can access content with phones that aren’t managed, creating a major backdoor into your data. Fixing this problem will take some integration between the technology and the particular ecosystem, but this issue will likely be addressed sooner rather than later. For now, find a solution that can limit what devices have access to content in the cloud. (more…)