What kinds of security problems do mobile devices pose

Assignment Help Operation Management
Reference no: EM133312930

Case Study: Bring your own device has become a huge trend, with half of employees with mobile computing tools at workplaces worldwide using their own devices. This figure is expected to increase even more in the years to come. But while use of the iPhone, iPad, and other mobile computing devices in the workplace is growing, so are security problems. Quite a few security experts believe that smartphones and other mobile devices now pose one of the most serious security threats for organizations today. Whether mobile devices are company-assigned or employee-owned, they are opening up new avenues for accessing corporate data that need to be closely monitored and protected. Sensitive data on mobile devices travel, both physically and electronically, from the office to home and possibly other off-site locations. According to a February 2016 Ponemon Institute study of 588 U.S. IT and security professionals, 67 percent of those surveyed reported that it was certain or likely that an employee's mobile access to confidential corporate data had resulted in a data breach. Unfortunately, only 41 percent of respondents said their companies had policies for accessing corporate data from mobile devices. More than half of security breaches occur when devices are lost or stolen. That puts all of the personal and corporate data stored on the device, as well as access to corporate data on remote servers, at risk. Physical access to mobile devices may be a greater threat than hacking into a network because less effort is required to gain entry. Experienced attackers can easily circumvent passwords or locks on mobile devices or access encrypted data. Moreover, many smartphone users leave their phones totally unprotected to begin with or fail to keep the security features of their devices up-to-date. In the Websense and the Ponemon Institute's Global Study on Mobility Risks, 59 percent of respondents reported that employees circumvented or disabled security features such as passwords and key locks. Another worry today is large-scale data leakage caused by use of cloud computing services. Employees are increasingly using public cloud services such as Google Drive or Dropbox for file sharing and collaboration. Valiant Entertainment, Cenoric Projects, Vita Coco, and BCBGMAXAZRIAGROUP are among the companies allowing employees and freelance contractors to use Dropbox for Business to post and share files. There are also many instances where employees are using Dropbox to store and exchange files without their employers' approval. In early 2015Dropb ox had to patch a security flaw that allowed cyberattackers to steal new information uploaded to accounts through compromised third-party apps that work with Dropbox services on Android devices. There's very little a company can do to prevent employees who are allowed to use their smartphones from downloading corporate data so they can work on those data remotely. Text messaging and other mobile messaging technologies are being used to deliver all kinds of scam campaigns, such as adult content and rogue pharmacy, phishing, and banking scams, and text messages have been a propagation medium for Trojan horses and worms. A malicious source is now able to send a text message that will open in a mobile browser by default, which can be readily utilized to exploit the recipient. To date, deliberate hacker attacks on mobile devices have been limited in scope and impact, but this situation is worsening. Android is now the world's most popular operating system for mobile devices with 81 percent of the global market, and most mobile malware is targeted at the Android platform. When corporate and personal data are stored on the same device, mobile malware unknowingly installed by the user could find its way onto the corporate network. Apple uses a closed "walled garden" model for managing its apps and reviews each one before releasing it on its App Store. Android application security has been weaker than that for Apple devices, but it is improving. Android application security uses sandboxing, which confines apps, minimizing their ability to affect one another or manipulate device features without user permission. Google removes any apps that break its rules against malicious activity from Google Play, its digital distribution platform that serves as the official app store for the Android operating system. Google also vets the backgrounds of developers. Recent Android security enhancements include assigning varying levels of trust to each app, dictating what kind of data an app can access inside its confined domain, and providing a more robust way to store cryptographic credentials used to access sensitive information and resources. Google Play now provides security scanning of all applications before they are available to download, ongoing security checks for as long as the application is available, and a Verify Apps service for mobile device protection for apps installed outside of Google Play. However, these Android improvements are largely only for people who use a phone or tablet running a newer version of Android and restrict their app downloads to Google's own Play store. Companies need to develop mobile security strategies that strike the right balance between improving worker productivity and effective information security. Aetna's Chief Security Officer (CSO) Jim Routh says there is a certain minimum level of mobile security he requires regardless of whether a device is company- or personally owned. Aetna has about 6,000 users equipped with mobile devices that are either personally owned or issued by the company, Each device has mandatory protection that provides an encrypted channel to use in unsecured Wi-Fi networks and alerts the user and the company if a malicious app is about to be installed on the device Colin Minihan, director of security and best practices at VMWare AirWatch, believes that understanding users and their needs helps a mobile security strategy progress further. VmAirWatch categorizes similar groups of users and devises a specific plan of action for each group, choosing the right tools for the job. According to Patrick Hevesi, Nordstrom's former director of security, if users need access to critical corporate data that must be protected, the firm should probably allow only fully managed, fully controlled, approved types of devices. Users who only want mobile tools for e-mail and contacts can more easily bring their own devices. The key questions to ask are called the "three Ws": Who needs access? What do they need to access? What is the security posture of the device?

Question 1. It has been said that a smartphone is a computer in your hand. Discuss the security implications of this statement.
Question 2. What kinds of security problems do mobile computing devices pose?
Question 3. What steps can individuals and businesses take to make their smartphones more secure?

Reference no: EM133312930

Questions Cloud

What evidence did he use : GRST 1100 University of Windsor Who was the husband? How did your Athenian conduct his prosecution? What evidence did he use? What was his strategy
Types of intellectual property rights : What are three categories of works that cannot be protected by copyright? Identify four types of intellectual property rights.
What was important about the photojournalism : What was important about the photojournalism in the Vietnam War, and what was the special place of the photography of Larry Burrows in that coverage?
What are network and network effects : What are network and network effects? why is a network of complementary products so important for the firms' growth and success?
What kinds of security problems do mobile devices pose : It has been said that a smartphone is a computer in your hand. Discuss the security implications of this statement.
Why does xenophon, in his constitution of the athenians : Describe and explain what seem to you to be the most important institutions of Athenian Democracy. Why does Xenophon, in his Constitution of the Athenians
???what are the key similarities in the two movements : ???what are the key similarities in the two movements and What does the photograph look like? What is the physical feeling of the final print? Is it bold, soft
Learnings applicable to commercial organization : Explain key learnings applicable to a commercial organization, from Public Sector Capital Budgeting exercises.
Key challenges in processes to criminal investigation : Prosecuting a crime is a process, which is not limited by the processes related to the investigation.

Reviews

Write a Review

Operation Management Questions & Answers

  Book review - the goal

Operations Management is about a book review. Title of the book is "Goal". This book has been written by Dr. Eliyahu Goldartt. The book has been appreciated by many as one of those books which offers an insight into the operations and strategic capac..

  Operational plan in hospitality enterprise

Operational plan pertaining to a hospitality enterprise is given in detail in the solution. The operational plan is an important plan or preparation which gives guidelines regarding the role and responsibilities of each and every operation at all lev..

  Managing operations and information

Recognise the importance of a strategic approach to the development and deployment of organisational information systems. Demonstrate an understanding of the importance of databases and their integration to the organisation's overall information mana..

  A make-or-buy analysis

An analysis of the holding costs, including the appropriate annual holding cost rate.

  Evolution and contributor of operations management

Briefly explain Evolution and contributor of Operations management.

  Functions and responsibilities of an operations manager

A number of drivers of change have transformed the roles, functions and responsibilities of an operations manager over recent years. These drivers have not only been based on technological innovations but also on the need for organisations to develop..

  Compute the optimal order quantity

Compute the Optimal Order quantity of DVD players. Determine the appropriate reorder point.

  Relationship to operations practice in the organisation

Evaluate problems in operations and identify approaches to overcoming them. Critically evaluate operating plans and identify areas for improvement. Justify, implement and evaluate changes to operations in line with modern approaches.

  A make or buy analysis

Develop a report for Figi Fabricating that will address the question of whether the company should continue to purchase the part from the supplier or begin to produce the part itself.

  Prepare a staffing plan

Prepare a staffing plan showing the change of your unit from medical/surgical staffing to oncology staffing.

  Leadership styles in different organizations

Ccompare the effectiveness of different leadership styles in different organizations

  Risk management tools and models

Be able to understand the concept of risk, roles and responsibilities for risk management and risk management tools and models.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd