Hackers shift focus to mobile devices
The continued popularity of using personally-owned smartphones for work purposes may spell disaster for the business community this holiday season as hackers exploit consumer behavior to infiltrate corporate networks.
According to the latest research from Citrix, just one in four companies currently have policies in place to support employee mobile device use. Conversely, 45 percent of IT managers indicated that they are not sure exactly how many devices are accessing the company network, and 62 percent of responding organizations did not have controls in place to manage smartphones or tablets.
"The nature of work continues to change," noted Citrix general manager Brett Caine. "Organizations need to respond to this trend by developing policies to address new mobile work styles that can drive productivity while safeguarding the use of data and sensitive information."
But while these companies work to close the gap between policies and practices, highly-skilled hackers will be working hard to exploit remaining loopholes. One unique vulnerability will be the flood of online shopping traffic crossing employee mobile devices over the next month.
According to the latest Shopping on the Job Survey from ISACA, Americans will spend 15 percent more time purchasing gifts online than in 2010. Additionally, 18 of the 32 hours the average smartphone owner uses for online shopping this season will take place on devices used for work purposes.
"The real concern going forward is that once connected to a corporate network, there is a risk the phones could steal information previously secured behind a firewall," information security expert Matthew Prince told USA Today.
Over the long-term, companies will need to establish comprehensive mobile device management practices and policies. But to survive the holiday shopping season without experiencing an online security incident, informed employees may be an IT manager's greatest ally.
According to PC Magazine, online shoppers should be particularly careful when using mobile payment applications. Although convenient, these apps are often a prime target of hackers and can significantly heighten the risk of online identity fraud.
Instead of relying on one-click checkouts, experts suggest that taking the time to manage each transaction manually may be worth the time. Employing a password manager tool to generate and organize passwords for each new website allows smartphone owners to keep their online accounts isolated and secure. Using an online form filler can also speed up the shopping process by storing more basic customer information like shipping addresses and phone numbers.