Let End Users Bring Their Own Device, Not Their Own Malware
The face of modern corporations is changing. No longer are we confined to offices. Instead, it’s possible to work from trains, airports, cafes, and even the beach. A recent survey of employers indicated that up to 95% of employees use mobile devices for work, with 61% of the employees using their own personal devices*. It is undeniable that these devices can maximize employee productivity in the modern corporate setting, but managing and securing them continues to present unique challenges for IT administrators.
In light of the recent Apple iPhone account hack and other high-profile breaches, it’s no surprise that businesses and end users alike are more concerned than ever about the security of their mobile devices. Moreover, while analyzing threat trends over the past year, our team of threat researchers found that trustworthy apps fell from 52% in 2013 to just 28% in 2014. Nearly 50% of apps were found to be moderate or suspicious, and over 22% were unwanted or malicious.
The vast majority of mobile app threats are composed of Trojans, averaging a staggering 77% for 2014. Trojans make up a very broad category that includes SMS infections, which are the largest family of malicious Android apps, and fake installers. It’s also worth noting that nearly all Android malware types exploit the device administrator functionality to make themselves powerful and nearly un-removable. Because the device administrator popup label can be specified within the app, apps usually spoof the names of other apps or use social engineering techniques to convince the victim that the popup is legitimate.
The end users who perform business tasks on their personal devices continue to be the weakest link in the business cyber security chain—due in large part to simple human error, lack of awareness, and lack of adequate security measures. Mobile devices are also highly vulnerable to physical theft and loss due to their size and portability. But because so many of the devices used for business are employee-owned and contain the owners’ personal data, end users may be (understandably) reluctant to install any business-mandated cyber security or monitoring software. So how can organizations balance protecting their workforce and data, while also allowing the convenience of working from anywhere in the world, even on personal devices? And how can MSPs help them achieve this goal?
As the trusted cyber security advisers to their clients, MSPs are in the unique position to guide clients in establishing sensible device control policies, enforcing device-level cyber security, and developing and delivering mobile workforce security training—without breaching employee privacy. And with our Smarter Cybersecurity solutions for endpoint, mobile and Web, and our tailor-made MSP partner program, Webroot can help you do just that.
Find out if Webroot has what it takes to protect your clients. See for yourself with a no-risk FREE trial. You don’t even have to uninstall existing security.
Want to learn more about how Webroot partners with MSPs to delight customers, lower costs, and boost profits? Read more.