The big small business security challenge: mobile and BYOD

Mobility of computing and communication can be a big challenge for small businesses (and large). This is especially true when it comes to managing various devices and keeping them secure. In this recorded webinar I explore mobile device management, BYOD and other challenges discussed during National Small Business Week (for more on National Small Business Week see this article by my colleague, Stephen Cobb).

I discuss what's moving so much serious activity to mobile, including security-related activity like two-factor authentication. Mobile devices are slowly adding the keys to the corporate kingdom, like VPN access tokens. Then there's money, not just access to online banking and shopping accounts on mobile devices but mobile payment apps that are offering an alternative to card swiping at the register. And in some parts of the world that bad old mobile nastiness, the premium rate SMS, is still being mined for dollars (or pesos or euros or the currency of your choice/location).

And of course, mobile malware has been on the rise in recent years, in some ways paralleling the adoption of mobile devices as the platform of choice for consumer, and increasingly corporate online service access. Among the mobile digital unpleasantness we have seen in are Cabir (bluetooth), DroidKungFu (Trojan), Ikee (on jailbroken iOS), DroidDream, Android/FakeAV, and Android/Simplocker.

While the latest Verizon Data Breach Investigation Report suggests that mobile malware is not yet a preferred channel for bad actors who want to breach organizations and steal data, this is not time for complacency. The fact that other avenues of attack, like Internet-reachable servers that can be hacked with password guessing, are preoccupying the attention of cybercrminals does not mean it's safe to play fast and loose with mobile devices that handles sensitive stuff, like your VPN access or your kid's graduation pictures.

So, I hope you find this webinar helpful. Feel free to leave a comment if you think I missed important stuff, or if you think I got things wrong..


.
Note: You may be asked to register to watch, but there is no charge, and you only have to register once to see a whole bunch of security webinars recorded by myself and my fellow researchers.