Don’t miss the rest of the articles in our Cybersecurity Trends in 2020 series:
- Cybersecurity Trends in 2020: Artificial Intelligence
- Cybersecurity Trends in 2020: Ransomware
- Cybersecurity Trends in 2020: Cloud Security
As we look ahead to a new decade, 2020 will continue to bring significant changes to how we interact with digital spaces at work and at home. The increased use of mobile technology in workplaces, retail settings, the service industry, government, and our own homes brings the promise of greater mobility of information and the threat of greater security risks.
No longer do all employees login to a company desktop computer that lives in their cubicle or make calls on a company landline phone from their desk. Employees now bring their own mobile devices, tablets, and even laptops into the workplace. They connect those devices to the organization’s network, download business data to their personal apps, and upload sensitive information via their devices. A bring your own device (BYOD) policy affords companies and employees greater flexibility, but that flexibility can put important business data at risk.
We spoke to experts on how the changing face of workplace technology will affect cybersecurity in 2020.
What the BYOD and mobile threat looks like in 2019
Eric A. Williams, founder & CEO of ijura says that BYOD policies, “have arguably saved companies millions in operational costs each year while also increasing productivity.” The promises of increased productivity and reduced costs entice many companies to open their networks and data to greater mobile flexibility.
Eric A. Williams, founder and CEO of ijura
“However,” Williams continues, “that means your employees are going to access sensitive business content on the same device from which they are checking Facebook and emailing friends.” While it sounds innocent, these apps can pose a significant risk because many are unsecured.
Williams says, “Personal apps can be a serious exposure point, as many hackers use legitimate apps to create trust with users whilst getting them to pass over sensitive information or download malicious content. People make ill-advised decisions about the apps that are able to see and transfer their information, e.g., gaming apps that hide in the open and gain your trust before stealing data.” He notes that while companies can work to secure apps, devices, and data stores, they will continue to have a difficult time teaching humans to outsmart the cyber criminals.
And each device an employee connects to the network or uses to log into corporate apps raises the risk.
Tom Tovar, CEO at Appdome says, “Mobile hackers have discovered that 85 percent of mobile apps have little to no protection, which allows the criminals to continuously harvest data, connections, resources, and infrastructure from mobile consumers and mobile businesses by targeting these unprotected mobile apps. In the past, hackers spent most of their time on the mobile infrastructure. Today, hackers can easily find an unprotected mobile app and use that unprotected app to design larger attacks or steal data, digital wallets, backend details, and other juicy bits directly from the app.”
So companies find themselves trapped: employees want the greater flexibility afforded by a BYOD policy and finance departments want to save money, but the risks associated with increased mobile endpoints and potential exposed data keep security pros up at night.
How companies will respond to BYOD and mobile threats in 2020
The experts we spoke with agreed that companies need a plan to better secure mobile endpoints that access their networks and data. But today’s workplace isn’t likely to return to a fully-firewalled and locked-down network. Employees expect mobility and connectivity. Here’s what the experts suggest for balancing security and flexibility in 2020.
“In 2020, IT is going to be a lot less prescriptive by extending BYOD policies and resolving the tension between security and users, particularly when it comes to knowledge-intensive industries like financial services,” says Brian Foster, SVP product management at MobileIron. “As a result, organizations will increasingly take control of devices with a mobile-centric, zero trust security platform that supports productivity.” Companies will therefore take a more centralized approach to manage the risk of exposing their data stores to malicious actors.
Brian Foster, SVP project management at MobileIron
Sanjay Patel, founder at Teclogiq points out that a centralized approach may not cover all threats. “While the direct business impact of mobile malware is low, we can expect an increase in the number of data breaches related to mobile device use and misuse. Every device used to access the company systems are yet another endpoint to secure, so one way of reducing risk is to provide access via a secure web application infrastructure with real-time vulnerability management.”
Sanjay Patel, founder at Teclogiq
Williams of ijura agrees, “Since BYOD is becoming ever more popular, in 2020 companies of all sizes need to invest in mobile device management and mobile threat defense solutions. These applications safeguard mobile devices via the cloud or via in-device software.”
These experts find the balance between security and worker flexibility via specialized mobile defense software that secures both the device and the data the employees need to access.
Finding the right BYOD security software
A BYOD plan is more than a handbook entry. Specialized security software that fits your company’s needs exists, although finding the right solution can be arduous. TechnologyAdvice can help take hours off your security software research process. Use our Product Selection Tool to get a list of vendors who meet your company’s budget, feature, and industry requirements. It’s free, and it only takes five minutes.