Article written in collaboration with Geoff Walton
Although businesses now use technology to keep employees connected, the irony is how that very same technology also makes them vulnerable to cybersecurity risks. It’s especially true when it comes to mobile phones, as there is generally less awareness about the security risks that come with mobile devices.
As businesses hold a wealth of sensitive information, stringent cybersecurity measures are crucial. To combat the various cybersecurity threats, Google announced that all Android phones would be enabled with security keys, to give users more security with 2-step verification processes.
Yet, some industries remain vulnerable to cyberattacks simply because they don’t have the resources or know-how to properly prepare.
While mobile innovations bring benefits to both patients and medical staff, Health IT Security points out how increasing mobile use also brings security challenges and can compromise sensitive patient information. A Ponemon Institute study found that healthcare data breaches cost an average $408 per incident, versus the industry average of $148 per record. One reason this amount is so high is the fines slapped on by the Health Insurance Portability and Accountability Act (HIPAA) for failure to properly secure patient data. Since the HIPAA Privacy Rule took effect, approximately $80 million worth of fines were spread throughout 55 cases.
Senior security strategist at cybersecurity company Fortinet, Anthony Giandomenico reveals that many users don’t think their phones are as vulnerable as their PCs or laptops, which causes them to drop their guard when it comes to cybersecurity aspects. Thus, one solution that many healthcare organizations are adopting is to ensure they use secure mobile software for exchanging info. Secure text messaging platform Tiger Connect can be used by healthcare providers to secure communication channels between nurses. Hospital employees are now also being taught basic mobile hygiene like avoiding unsecured Wi-Fi networks and regularly installing security updates.
A few years back, D Magazine detailed how American law firms were seen as attractive target for cybercriminals. This is mainly due to legal firms holding very important client information. Additionally, Special Counsel’s white paper on mitigating cybersecurity threats to legal departments discusses that committing cybercrime against lawyers is often relatively easy, as many attorneys lack the understanding necessary to combat cyberattacks. This vulnerability is also exacerbated by how reliant law firms have become on email systems that can be easily compromised.
Fortunately, legal-technology management expert Mark Tewksbury’s tips on cybersecurity offers several solutions. One of these is to have a master password for all mobile devices. This is different from simple login passwords because master passwords prevent unauthorized changes being made to the accounts. Lawyers can also simply disconnect devices when away from the office, as offline devices are harder to hack.
Due to the rise in mobile banking, TechRepublic sheds light on how the financial industry has now become dependent on mobile communications to conduct business, giving birth to a whole new range of security problems. A six-month Wandera analysis of the financial services industry, found that 57% of financial firms were hit with phishing attacks in that period compared to 42% in other industries. Even the industry’s encrypted mobile devices are more prone to cryptojacking, with 26% of financial service companies experiencing attempts versus 18% cross-industry.
It will help companies to deploy a Unified Endpoint Management system to ensure regular device compliance checks. Systems like these can not only prevent outside attacks but also usage risks such as unknowingly downloading malicious side-apps. Additionally, a guide by Medium points out that on the customer end, anti-virus software can be installed on their phone from vendors known to work against malware. They could also set up 2-factor authentication like the one mentioned above to prevent access even if their login credentials were captured.
The examples above show that while there is certainly no shortage of security threats out there, but solutions also exist. It’s possible to enjoy the convenience that technology provides while staying secure – it just takes that extra bit of care and knowledge.