At least one mobile device in every major organization is infected with mobile malware. The above likely does not mean much to you. After all, your business may not be some massive enterprise. You could be a small creative agency - small enough that you know the name of everyone working for you. It is an easy trap to fall into the belief that, because you are not Pentagram or Landor Associates, mobile security is something you can afford to ignore. After all, why would any criminal seek to attack your business? There are many larger targets. And those targets have infinite resources to invest in security. This means that they can simply ‘outspend’ their attackers. As a result, criminals are targeting small businesses with increasing frequency. Most often, this is through the use of malicious or destructive programs. Here are a few examples of how this might look within the walls of your agency:
- A tablet owned by one of your designers is infected with a malicious application that uploads all data accessed by the device to an external server, putting your intellectual property squarely in the hands of a competitor.
- A smartphone that contains critical design documents is locked down by ransomware. You are forced either to pay the developer or lose those documents.
- A nasty virus jumps from smartphone to smartphone within your organization, deleting or corrupting the data on every device it infects. Your mobile employees are prevented from doing their jobs, and you lose both data and man-hours.
- Your website is hacked, who then uses it as a delivery mechanism for a smartphone virus. Current and prospective clients wind up with infected devices when they visit your site, and your reputation goes down the toilet.
- Run regular virus scans on your server and website, and ensure you are equipped with antivirus and antispam tools - Liquid Web’s ServerSecure is one example of a hosting service that offers this.
- Scan your mobile infrastructure regularly for vulnerabilities an attacker might exploit, and be aware of vulnerabilities that exist in the latest release of Android and iOS.
- Install a mobile device management tool that allows you to protect the data stored on employee devices.
- Educate your staff on mobile security best practices - why they should scan for vulnerabilities, what apps they should avoid, what they should do about malicious SMS messages, and so on.