Endpoint Protection
July 20, 2023
6 minutes
Cybersecurity is now one of the top concerns for business owners and organizational leaders around the world. While we’ve been in the digital era for decades now, the increase in cybercrime seen over the past few years indicates an alarming trend and is making it more pressing than ever to protect company devices with cybersecurity practices.
With the Internet of Things (IoT) broadening its umbrella each and every year, there are more endpoints for cybersecurity professionals to protect than ever before.
In the past, company laptops were sometimes the only devices with vulnerabilities that needed protection. In today’s business landscape, though, professionals are equipped with all sorts of mobile devices with open-access to the internet. IPads and other tablets, laptops, smartphones, drawing boards, Wi-Fi enabled office thermostats or other smart applications, and smart devices are all used by professionals on a daily basis.
While comprehensive cybersecurity practices will offer protection for all these devices and more, we’re going to focus specifically on the cybersecurity vulnerabilities created by smartphones and how businesses can mitigate them.
Remote work culture is becoming more and more popular and is offering many professionals the opportunity to work while traveling. If you find you’ve been on the go more often than not lately, take a look at DOT Security’s “Cybersecurity Checklist for When You’re on the Go” to keep your precious data safe no matter where you’re working.
TikTok took center stage a few months ago as the lead role in what was looking like a possible cybersecurity epic of the ages.
In fact, the litigation and fight to ban TikTok is still going strong. Most notably are the governmental bans placed on the social media app. The United States has banned TikTok on government devices, and nearly half the individual states have followed the feds in tow putting similar bans on TikTok.
Certain universities are also jumping on the TikTok ban bandwagon, by blocking access to the app through their Wi-Fi networks. Taking the TikTok ban a step further, Montana has actually passed laws to prohibit residents from downloading TikTok onto personal devices. Of course, this move was certainly met with some resistance, as TikTok is now suing Montana.
“TikTok is suing Montana and Attorney General Austin Knudsen, citing that the law “abridges freedom of speech in violation of the First Amendment” and “violates the U.S. Constitution.”
Even outside of the United States, TikTok is coming under fire from governmental bodies and institutions.
“India was the first country to ban TikTok–and other Chinese apps–on all of its devices. Australia, Belgium, Britain, Canada, France, the European Union and Scotland have bans surrounding the use of TikTok on state devices.”
This international face-off with TikTok is rooted in the fundamental fear of espionage, user privacy, and data security concerns. The biggest issue that government officials and other institutional leaders take with the social media app is in its loose data privacy terms.
Furthermore, there is a real concern about how much power the parent company of TikTok, ByteDance, would have if asked for user data by the Chinese government, specifically due to China’s 2017 National Intelligence Law.
The CEO of TikTok, Shou Zi Chew, had a hearing in front of the US congress in March which was supposed to address a lot of the concerns around TikTok. The hearing didn’t lead to many verdicts, but did end up exposing social media and data manipulation as a larger collective threat that we should be aware of that isn’t exclusive to TikTok.
As things stand, the power-struggle with TikTok and government agencies is still ongoing. This definitely gives footing for cybersecurity policies to ban TikTok on company devices as well, but with no proven wrongdoing it isn’t yet a necessity.
More than anything, by keeping TikTok off company devices, you’re simply removing a potentially hyper-addictive time-waster.
A lot of companies think about blacklisting mobile apps that they don’t want their employees to download onto company devices. This could be for any number of reasons, it could very well be due to a cybersecurity vulnerability or malware that’s been detected on the mobile app, or it could be something as simple as an efficiency practice. Some mobile apps are known as productivity-killers and time-wasters.
Whatever the reasoning behind the ban or blacklisting of a mobile app, this strategy is really only somewhat effective.
The reason that blacklisting mobile apps you don’t want your employees to download doesn’t work is sewn into the foundation of a competitive marketplace. If one app is blacklisted, 10 more of the same nature, goal, and function will appear in its place.
So now, you have to constantly play catch-up – chasing after endless applications to add to your blacklist.
Instead of outright blacklisting mobile apps or other software's your employees want to use, consider working with a cybersecurity team to compose a comprehensive cybersecurity strategy that addresses company device security, protocol, and policy.
Another reason you want to avoid overarching software bans in your organization is because you can inadvertently create a culture of shadow IT.
Shadow IT is software and tech solutions that employees launch for themselves, outside the governance of the formal IT department. This poses a series of high-impact risks and vulnerabilities that the IT and cybersecurity teams might not even know about because they’re so under the radar.
Establishing strong cybersecurity policies and forming strategic IT partnerships will help you address mobile device policies and cybersecurity strategies on a company-wide level and truly give you the coverage you need to feel secure.
Smart-technology is only going to become more and more sophisticated as society continues to advance and improve. Understanding the different cybersecurity vulnerabilities and threats that come with different devices will help you mitigate your risk-level and keep private information private.
With more and more employees working from home or working while traveling, it’s absolutely vital to have a comprehensive mobile device cybersecurity policy in place to keep data safe.
Non-eventful travel is the best travel. Make sure your sensitive information is as protected as it can be by reviewing DOT Security’s “Cybersecurity Checklist for When You’re on the Go” before your next work trip.