• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
  • ChatGPT
    • Does ChatGPT Save Data?
AskCyber Home » News » News » Verizon Reports Business Mobile Security Compromises Increased

Verizon Reports Business Mobile Security Compromises Increased

2020-02-25 by Michelle Dvorak

Verizon MSI Business Mobile Security Compromises Increased

Verizon’s 2020 Mobile Security Index Report – Verizon Says Business Security Compromises Increased 33 Percent for Mobile Since 2019

Verizon released its third annual Verizon Mobile Security Index (MSI) Report. The data in the 2020 MSI Report is a collaborative effort with data collected from over 800 respondents and eleven industry and law enforcement agencies, including the US Secret Service. Mobile security is not a new issue. Productivity apps and cloud computing give mobile devices increased capabilities, allowing employees to stay connected, giving users more remote capabilities, and becoming more important to everyday operations. However, convenience and productivity present cyber security risks and concerns. Employees need to adhere to user policies that keep mobile devices and apps safe.

Cyber security incidents are on the rise. Since Verizon’s first Mobile Security Index report in 2018, the percent of companies reporting a compromise has gone up forty-one percent. In 2018, twenty-seven percent of the companies surveyed reported that they had suffered a security compromise involving mobile internet connected devices during the previous year. By the time the 2019 report was issued, that number had grown to 33 percent. And 39 percent of companies reported 2020 annual Verizon MSI report that they had a security incident.

Even though enterprise level companies know the risks involved with mobile security and making poor decisions to ignore or override security policies, they still do so. This decision leaves them twice as likely to be hacked. But hackers attack companies of all sizes as well as individuals. No business is too small and no one should think they are exempt from security protocols because they feel they are somehow off hackers’ radar.

Many companies got mobile device security wrong since the previous MSI report. Almost half of companies felt it was acceptable to lower security standards because employees were inconvenienced by speed issues. It’s true that using multi-factor security authentication and a virtual private network can slow down the login process, but it’s for good reasons. Apparently, many employees felt inconvenienced by security measures. It’s true that employees are often hurried to check emails or message their office as soon as they land at an airport, but public WiFi like that found in airports, hotels, and coffee shops are easy targets for hackers waiting to collect usernames, logins, and passwords. With the average person reusing the same password across multiple account logins, if a hacker can get one email and password combination – from a social media account – they may easily work their way up to something more valuable like a bank account, work email, or corporate Dropbox account.

Reasons Why Companies Take Risks with Security

  1. Speed outweighs security (62 percent)
  2. Convenience (52 percent)
  3. Profitability (46 percent)
  4. To meet deadlines or productivity targets (43 percent)
  5. Lack of Budget (27 percent)
  6. Lack of Expertise (26 percent)

Social engineering Attacks

According to the US Secret Service, the average monetary loss from a business email compromise (BEC) attack is nearly $130,000. Social engineering is one of the most common tactics used by hackers to begin a cyberattack. With social engineering the hacker gathers information about the target from publicly available information like that found on social media, LinkedIn profiles, and corporate websites. Phishing emails with some personalized content are sent with the intent of gleaning even more data. Hackers use all the information to collect even more details about the target. For example, a hacker might get the name of a target’s supervisor from their LinkedIn profile and their phone number from a corporate website. Phishing emails and business email compromises are two forms of social engineering that are commonly deployed by attackers. Globally, fifteen percent of enterprise users responding the survey reported a mobile phishing link in the third quarter of 2019.For the United states, that number was slightly higher with eighteen percent reporting a phishing attempt.

Other Consequences of Compromises

  • Downtime
  • Loss of data
  • Compromose of other devices
  • Reputation damage
  • Regulatory penalties
  • Loss of business

App Security

Twenty-one percent of enterprise level companies that reported being compromised said that an app installed on the mobile device played a part in the incident. And twenty percent said the use of pubic WiFi was a factor in the compromise, but just over half (52 percent) did not prohibit employees from using insecure WiFi hotspot on their mobile devices.

Eighty-three percent of respondents are concerned about security in the event a mobile device is lost or stolen.

How to Protect Mobile Devices

Lowering security standards often comes with consequences. It is cybersecurity best practices to establish a mobile device security policy and crisis response before your company needs it.

User Security

  • Establish a written acceptable use policy (AUP) for all company owned devices
  • If bring-your-own device is allowed, a company AUP should specify the type of devices, update policies, what networks can be used, and what apps users can install
  • Train employees to recognize risks – like connecting to public WiFi – that compromise their device’s security and that of the entire company
  • Train employees to spot phishing emails, malicious attachments, and fraudulent websites
  • Enforce the use of strong passwords
  • Use biometric logins or two-factor authentication for all devices and accounts

Apps Security

  • Restrict user permissions to necessary access levels and nothing more
  • Block apps from being downloaded outside official app stores
  • Install security updates as soon as they become available

Hardware

  • Change all default usernames and passwords set by the manufacturer or supplier
  • Don’t reuse the same password on multiple devices
  • Implement procedures to lock down and isolate vulnerable, compromised, lost, or stolen devices
  • Use a mobile device management solution to simplify patch management
  • Use malware apps to protect devices against threats
  • Require the use of a virtual private network or (VPN) to protect the device and the corporate network it is connecting to

Networks

  • Encrypt all data sent over unsecured networks with a quality virtual private network or (VPN
  • Block all insecure WiFi networks from accessing corporate resources

Cloud services

  • Restrict the use of unvetted cloud apps, especially file-sharing ones
  • Limit access to cloud services to devices using trusted networks or a managed VPN service

Filed Under: News

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version