How to protect professional mobile devices from cyber threats?

In France, 56% of the working population telecommutes at least one day per week. Between working from home and business trips, a large proportion of employees regularly work remotely. Organizations have to manage ever larger mobile fleets. 

Yet, mobile devices are often targeted by cyber criminals to attack organizations: malware installed on mobile devices have increased by 52% in 2022. How can you protect your organization's mobile fleet?

Mobile fleet security: What is at stake for your organization?

Professional practices are changing. Remote work has been the new norm since the beginning of the pandemic 3 years ago. Many organizations provide mobile devices to their employees: laptops, smartphones, tablets...

Often poorly secured, these devices are exploited by cybercriminals to access business data. Several methods are frequently used: interception of unencrypted communications, exploitation of an application or software vulnerability, distribution of malware (e.g. using infected attachments) or device theft.

Mobile devices are a gateway to an organization’s information systems (IS). A cyber attack targeting a device could result in the propagation of ransomware capable of completely paralyzing an organization's operations and wiping out all its data.
Securing your mobile fleet therefore plays a critical role in your organization's future, and in protecting sensitive data.
 

How can you secure your mobile fleet?

A first best practice is to encrypt all communications from employees' mobile devices, so that data is incomprehensible should it be intercepted. To achieve this, you can use a VPN, use applications offering data encryption, and also opt for end-to-end encrypted endpoints.

To prevent identity theft, sensitive data must be accessed through multi-factor authentication. This means that if a device were to be stolen, or controlled by an ill-intentioned person, the latter would not be able to exfiltrate or damage the data. 

Finally, there are global Mobile Device Management (MDM) solutions that enable organizations to remotely manage their entire mobile fleet. Application updates can be automated on each device to protect against vulnerabilities, and data can be deleted from a device in the event of loss or theft, or to monitor device integrity remotely. 
The choice of a solution should consider the number of devices to be protected, your security challenges, your employees' uses (telecommuting only or travel with connections to public Wi-Fi) and the desired features.

Formalize a security policy designed for mobile devices

Drawing up a security policy to govern the use of mobile devices is an excellent way of reducing risk. For instance, many organizations prohibit the installation of applications that are either not sovereign or essential for work: Facebook, TikTok etc. Another best practice is to prevent connection to a public Wi-Fi network without using a VPN. 

Once the policy has been defined, it is essential to train employees about the rules to be observed when it comes to mobile security. When possible, the security policy should not hinder employee productivity, as they should be able to access their business applications and data from any location.
 

Often underestimated when it comes to corporate IT security, the protection of mobile fleets represents is of utmost importance for the long-term survival of organizations. As a prime target for hackers, devices need to be protected not only by dedicated security solutions, but also by employee awareness campaigns. Securing your mobile fleet not only protects you from threats, but also makes it possible to secure business travel and remote work.