For a while now, mobile security has been a top priority for business owners. Now, more than ever, businesses must take precautionary measures to ensure their safety against ransomware attacks. Ransomware is malicious software that targets your company’s data and holds it hostage unless you pay up.
Attackers are getting more sophisticated with their tactics. They are targeting enterprises and gaining access to sensitive data and valuable intellectual property. It is critical for organizations to proactively safeguard themselves from these attacks. Here’s a list of proven strategies that can protect your business from ransomware and other mobile threats.
Always use HTTPS protocol
MITM (man-in-the-middle) attacks are frequently the result of insecure connections, especially when using public networks, and these can be avoided by using HTTPS and SSH to connect to a server.
This is because MITM attacks rely on intercepting your data and redirecting it to a malicious website. So imagine a criminal hacker is sitting between you and the website you actually want to visit. You type “website.com” in your browser.
If a website hasn’t properly configured its HTTP domain to redirect to HTTPS, a criminal could intercept your attempt to connect to the HTTP website, and redirect it towards their own domain (often a phishing website, but can also inject malware scripts into your browser).
When visiting any website on your mobile device, always be sure to manually type out the HTTPS part of the address (e.g., “https://website.com”), and MITM attacks are much less likely. A strong enterprise mobile security solution can also close many of the holes exploited by MITM attacks and other mobile threats.
Have secondary devices for confirming message attachments
While it’s pretty well-known you shouldn’t click on suspicious links, many people will do it anyway if they believe the link came from someone they trust. This is why it’s critical to have a secondary device to verify the contents of messages and attachments before opening them.
This also provides coworkers with a way to safely communicate with each other and confirm the original sender wasn’t compromised. A very simple “Hey Bob, did you send me that email containing a shortened link?” is a huge help to stay secure.
Use a reliable EDR solution
For an enterprise company network, Endpoint Detection and Response is a critical tool. It can identify malicious code being run in your network and provide actionable information that can help eliminate threats.
If a device on the network becomes infected, for example, it will identify and isolate the device from the network, and provide information about where the malicious code came from.
Because mobile devices are a critical part of the enterprise world, and there can be many IoT devices in the office accessing the network, an EDR solution should be able to account for every possible entry point.
Many companies are using MDR (managed detection response) services, which is essentially hiring a third-party cybersecurity team to exclusively manage your EDR solution. It’s a very viable solution for enterprise companies because it ensures that a team of humans is behind the wheel monitoring for threats, rather than depending on the software alone.
Disable unused apps and bloatware
Enterprise company devices should only have approved company apps installed, and anything else should be disabled or removed. This includes the default communication apps that come preinstalled on most devices because security flaws in these default apps are commonly exploited by hackers.
Some phone manufacturers ship devices with bloatware, which are sponsored apps preinstalled with the device. These apps can be a major security risk, and they’re also hard to uninstall if the device manufacturer tries to keep them on the device.
So when purchasing smartphones, especially Androids, to be used as company devices, make sure it’s a brand that offers a very minimal default set of applications.
Stick to a Zero Trust identity confirmation policy
Zero trust security assumes that a device can be breached at any time and that the proper tools and processes must be in place to minimize the damage. Therefore, it assumes that every device is a threat, all of the time, and identities must be securely verified before layers of access are granted.
This is different from a passive authentication policy where once an identity is confirmed, it is assumed the identity is secure for the remainder of the session. In a zero-trust security model, devices are continuously monitored and may be asked for identification for different applications.
This ensures that devices compromised while connected to the network are identified and eliminated, rather than simply preventing already compromised devices from accessing the network.
