Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Cybersecurity News

Smartphones Gain Ground, Mobile Cybersecurity Gains Importance

By Josh Sookman
phone_enews
December 9, 2014

Last month, I wrote an article on the Emergence of Smartphones as a Key Platform for Security Industry that discussed the growing ubiquity of smartphones within the workplace and the increasing number of mobile apps that have the ability to collect information from its environment such as video streams, audio streams, indoor location and information from other sensors.

In stark contrast to the focus on the information that mobile devices may capture, store and provide intelligence back to an organization, this article focuses on what intelligence others might be able to capture about your organization by accessing an employee’s mobile device in an unauthorized manner.

Sensitive information may exist on mobile devices in many places including email, SMS and instant messaging archives, contacts and phone records, as well as a growing number of enterprise mobile apps that extend major enterprise CRM, ERP, HR and other systems as well as document repositories and other databases setup for off-network, mobile access.

The cybersecurity threat to unauthorized data access is essentially the same for smartphones as it is for tablets, laptops or any other mobile device operating outside of an organization’s physical offices. However, smartphones are more commonly lost, stolen and vulnerable to attack; they are also (generally) more locked-down – think “Apple” – in terms of what sorts of functions and low-level controls that device manufacturers and operating system providers allow companies and mobile application developers to install and execute on smartphones and tablets versus laptop computers.

The emergence of Mobile Device Management (MDM) providers are helping to address some of these mobile security concerns through the use of secure containers for company information and apps, improved encryption and the ability to remotely wipe sensitive and other information off devices that are lost or stolen, or when an incorrect device password has been entered a certain number of times.

MDM isn’t for everyone, and there is no clear winner yet in the space; MDM vendors are still putting together pieces to the puzzle in their unique ways. Similarly, each organization will ultimately set up their own IT policies and procedures, and aim to manage risk in accordance within their own unique risk exposure limits.

For organizations not yet sold on MDM, there are several proactive measures that can still be undertaken to better understand your risk and batten down the hatches.

Vulnerability Assessment

If you choose to get a vulnerability assessment, ensure that the firm reviews your organization’s policies surrounding mobile device access and the use of passwords, accessing corporate information using VPNs, email access and email archive history available to users on mobile devices. The assessment should also cover third-party enterprise mobile apps that connect to major enterprise systems and additional security layers required to login, access and alter information within those systems. Third-party mobile apps serve a variety of function within large organizations, from sales to business intelligence to security, and not every mobile application may require a full audit or assessment. Assessment priority should be dictated and aligned with the level and depth of sensitive information that may be accessed, abused or misused by cybercriminal or cyberterrorist activities.

Strong Passwords

Though it seems simple, the vast majority of attacks still stem from weak passwords, and a set of passwords that are all identical. By employing a simple mandate to use strong passwords on mobile devices for access, and a different set of strong passwords for email access, network login and for access to other enterprise systems, you can drastically reduce overall organizational risk to intellectual property and other information breaches. By having a unique password for each system, a criminal's ability to breach each successive system will be thwarted – or at a minimum delayed further – providing IT groups with greater amounts of time to deny system access or remotely wipe device data.

Device Tracking and Cyberthreat Prevention

Third party mobile apps may be installed to track the location of employee’s mobile devices – both outdoors (using GPS) and indoors within corporate offices. By developing policies that limit data access (i.e. specific data and documents) to mobile devices in certain locations, an organization may prevent access to sensitive information outside the US, for example if a traveler’s phone is stolen overseas. These location-based policies may be as broad as “country-level”, more moderate such as “within 1 mile of a particular office”, or as granular as “only on floor 7” of a particular building.

KEYWORDS: Bring Your Own Device (BYOD) mobile cybersecurity mobile device management smartphone security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Josh sookman   large photo

Josh Sookman is the Founder and VP of Business Development for Guardly, the leading provider of indoor positioning and mobile app-based crisis communications solutions to large enterprises. Josh is an active member of ASIS and SIA, and a contributing writer to several security industry publications. His volunteer work in youth entrepreneurship has included initiatives with Stanford, MIT, Intel, Verizon and several local technology incubators in Toronto, Canada, where he resides. Contact Josh and learn more at: https://www.guardly.com

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • smartphone_enews

    Emergence of Smartphones as a Key Platform for Security Industry

    See More
  • Generic Image for Fire and Life

    Whitepaper: Assessing Emergency Response Times on Campus

    See More
  • Generic Image for Enterprise Services

    Vendor System Integrations Accelerate in the Security Industry

    See More

Related Products

See More Products
  • 1119490936.jpg

    Solving Cyber Risk: Protecting Your Company and Society

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing