5 Mobile Security riSkS every SMall buSineSS Should know about · 2014. 1. 21. · U.S. cities,...
Transcript of 5 Mobile Security riSkS every SMall buSineSS Should know about · 2014. 1. 21. · U.S. cities,...
A Primer
Bring Your own Device TrenD or ThreaT
5 Mobile Security riSkS every SMall buSineSS Should know about
TrendLabs
The smallest device may be the biggest security hole in a company
Why The advent of BYOD (Bring Your Own Device) opens up companies to threats that may slip through the network cracks because of employee negligence BYOD refers to employees who bring their mobile devices to their companyrsquos business network This is part and parcel of consumerization an ongoing trend in businesses where new information technology intended for the consumer market is used in business organizations
The BYOD tide is continuously gaining strength Given this what should small and medium-sized businesses (SMBs) know about the security risks of BYOD and going mobile And what can they do to minimize these risks
43 of SMBs said that they are open to adopting mobility seeing
support for mobile devices and smartphones as a key
priority
BYOD for SMBs is inevitableConsumerization is the trend of using consumer technology in a business organization by its own employees BYOD is a facet of consumerization where employees bring their personal devices like mobile phones laptops and tablets and use them for work usually connecting them to the company network too1
The BYOD Era in SMBs is here to stay It is an essential development that SMBs need to keep up with the competition2
Research shows that SMBs are open to adopting mobility with 43 of SMBs seeing support for mobile devices and smartphones as a key priority3 With the whole world going mobile SMB owners are also using mobile apps to help them save time increase revenue and productivity and reduce costs4
1 httpconsumerizationtrendmicrocomthe-consumerization-university-day-1-consumerization-is-disruptive
2 httpslearningnetworkciscocomblogsvip-perspectives20120609bring-your-own-devicebyod-fad-or-future
3 httpblogsforrestercommichele_pelino10-09-24-mobility_momentum_intensifies_among_small_and_medium_size_businesses
4 httpwwwsbecouncilorguploadsMobile20APP20Final20Report20SBE20Councilpdf
Only 20 of Android-based devices
have security apps installed
SMBs should expect the security challenges that come with BYODRegardless of size any business that adopts mobility should realize that they open themselves up to certain threats
The large number of 400 million activated Android-based devices means to big business for both Google and those who target the OS Moreover we found that only 20 of Android-based devices have security apps installed5
Businesses that embrace BYOD are at risk from the biggest enterprise to the smallest micro entrepreneur As such SMBs must consider that the BYOD Era today is affected by recent threat trends Q1 saw cybercriminals paying more attention to the mobile front6 Cybercriminals will always target the popular platform mdash the more popular the more potential victims there are to take advantage of
5 httpfearlesswebtrendmicrocom2012misconly-20-of-android-mobile-device-users-have-a-security-app-installed
6 httpwwwtrendmicrocomcloud-contentuspdfssecurity-intelligencereportsrpt_security_in_the_age_of_mobilitypdf
Critical data on mobile devices are at riskAccording to a Ponemon Institute study the companyrsquos own employees are the biggest threat to company data Employees risk losing data when their devices are stolen or not sufficiently secured from data-stealing malware The same study also shows that employee negligence is the root of many data breaches Smaller organizations or SMBs have a slightly higher rate of data breaches because of negligent or malicious employees or insiders7
Mobile devices also have a high risk of theft In fact smartphones and cellphones make up 30 to 40 of all robberies in major US cities accounting for 27000 thefts8 SMBs must realize that mobile devices need the same if not even more protection than desktops With the consumer smartphone experience geared towards quick and easy access to personal information a compromised business smartphone is like giving a cybercriminal complete access to critical company data
Employees risk losing important company data via their mobile devices through the following means
bull Connecting to unsecure wireless networksbull Downloading and installing unapproved appsbull Visiting possibly malicious websitesbull Leaving the mobile device unattended
These along with accidental loss of the actual device pose serious risks to an SMBrsquos data
7 httpwwwtrendmicrocomcloud-contentuspdfssecurity-intelligencereportsrpt_trend-micro_ponemon-survey-2012pdf
8 httpwwwfccgovdocumentchairman-remarks-stolen-cell-phones-initiative
Information-stealing malware are one of the most prevalent Android
malware types
Malware that affect BYOD devices existCybercriminals have expanded their reach Aside from desktops they are targeting mobile devices too due to the latterrsquos popularity and expanding user base Once infected the damage done to the device does not stop at the employee but also the company he is tied to9
Mobile malware can do a lot of harm to a business Information-stealing malware one of the most prevalent Android malware types can log steal and publish almost everything an employee does on their mobile The stolen data can include incoming and outgoing calls and text messages address book and usersrsquo location detected by GPS Such malware can pave the way to a potential data breach10
Rooter malware take control of Android devices and its functions as soon as itrsquos installed in a mobile device This grants cybercriminals remote access to affected devices It also gives access to the SMBrsquos network once the device is connected to it
9 httpblogtrendmicrocombeta-version-of-spytool-app-for-android-steals-sms-messages10 httpblogtrendmicrocommore-spying-tools-being-seen-in-application-markets
Attackersrsquo penchant for the Android OS spurred
5000 new malicious apps in Q1
2012 alone
Android is the most targeted mobile OSCybercriminals have always attacked the most popular OS to maximize their potential number of victims Androidrsquos popularity yielding a 509 percent market share among end users and companies makes the OS a constant favorite among cybercriminals11 Attackersrsquo penchant for the Android OS spurred 5000 new malicious apps in Q1 2012 alone The fact that Android is the second most supported mobile OS in SMBs today makes it an even more inviting prospect12 In fact Trend Micro is seeing more than 129000 malicious apps created to target Android users13
What does this mean for SMBs While Android devices are still a viable choice for supplementing an SMBrsquos mobility needs SMBs must also consider the amount of malware targeting the platform and adjust the security policies accordingly
11 httpwwwcomscorecomPress_EventsPress_Releases20127comScore_Reports_May_2012_US_Mobile_Subscriber_Market_Share
12 httpwwweweekcomcaMobile-and-WirelessBYOD-Adoption-Rises-Along-with-SMB-IT-Budgets-Spiceworks-536178
13 httpblogtrendmicrocomhow-big-will-the-android-malware-threat-be-in-2012
WHAT YOU CAN DO TO ENJOY THE BENEFITS OF CONSUMERIZATION
To help protect your companyrsquos assets and data from the risks of BYOD
follow these tips and best practices
have a planbull Root out potential pain points that may arise from the adoption of
BYOD for your business and if applicable throughout your entire organization
bull Engage your personnel or departmentsbull Survey the types of devices used by your employees and the potential
device choices in the futurebull For added information you can consult A Guide to Consumerization amp
Building a BYOD Policy
SeT policieSbull Determine which devices will be standard those that will be tolerated
and those that will be unsupported or banned from the networkbull Decide on the parameters on how such individuals are chosen for BYOD
Will it be based on role or locationbull Plan out the procedures taken when devices are lost stolen or
damaged Encourage reporting and honesty
implemenT ToolSbull Trend Microtrade Worry Freetrade Business Security Services supports
the Android platform with features such as App Scanning and Web Reputation This offering also adds Android devices in the list of systems you are able to manage from a central web-based management console
TREND MICROtrade
Trend Micro Incorporated (TYO 4704 TSE 4704) a global cloud secu-rity leader creates a world safe for exchanging digital information with its Internet content security and threat management solutions for busi-nesses and consumers A pioneer in server security with over 20 yearsrsquo experience we deliver top-ranked client server and cloud-based security that fits our customersrsquo and partnersrsquo needs stops new threats faster and protects data in physical virtualized and cloud environments Powered by the industry-leading Trend Microtrade Smart Protection Networktrade cloud computing security infrastructure our products and services stop threats where they emergemdashfrom the Inter-net They are supported by 1000+ threat intelligence experts around the globe
TRENDLABSSM
TrendLabs is a multinational research development and support center with an extensive regional presence committed to 24 x 7 threat surveillance attack prevention and timely and seamless solutions delivery With more than 1000 threat experts and support engineers deployed round-the-clock in labs located around the globe TrendLabs enables Trend Micro to continuously monitor the threat landscape across the globe deliver real-time data to detect to preempt and to eliminate threats research on and analyze technologies to combat new threats respond in real time to targeted threats and help custom-ers worldwide minimize damage reduce costs and ensure business continuity
copy2012 by Trend Micro Incorporated All rights reserved Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated All other product or company names may be trademarks or registered trademarks of their owners
The smallest device may be the biggest security hole in a company
Why The advent of BYOD (Bring Your Own Device) opens up companies to threats that may slip through the network cracks because of employee negligence BYOD refers to employees who bring their mobile devices to their companyrsquos business network This is part and parcel of consumerization an ongoing trend in businesses where new information technology intended for the consumer market is used in business organizations
The BYOD tide is continuously gaining strength Given this what should small and medium-sized businesses (SMBs) know about the security risks of BYOD and going mobile And what can they do to minimize these risks
43 of SMBs said that they are open to adopting mobility seeing
support for mobile devices and smartphones as a key
priority
BYOD for SMBs is inevitableConsumerization is the trend of using consumer technology in a business organization by its own employees BYOD is a facet of consumerization where employees bring their personal devices like mobile phones laptops and tablets and use them for work usually connecting them to the company network too1
The BYOD Era in SMBs is here to stay It is an essential development that SMBs need to keep up with the competition2
Research shows that SMBs are open to adopting mobility with 43 of SMBs seeing support for mobile devices and smartphones as a key priority3 With the whole world going mobile SMB owners are also using mobile apps to help them save time increase revenue and productivity and reduce costs4
1 httpconsumerizationtrendmicrocomthe-consumerization-university-day-1-consumerization-is-disruptive
2 httpslearningnetworkciscocomblogsvip-perspectives20120609bring-your-own-devicebyod-fad-or-future
3 httpblogsforrestercommichele_pelino10-09-24-mobility_momentum_intensifies_among_small_and_medium_size_businesses
4 httpwwwsbecouncilorguploadsMobile20APP20Final20Report20SBE20Councilpdf
Only 20 of Android-based devices
have security apps installed
SMBs should expect the security challenges that come with BYODRegardless of size any business that adopts mobility should realize that they open themselves up to certain threats
The large number of 400 million activated Android-based devices means to big business for both Google and those who target the OS Moreover we found that only 20 of Android-based devices have security apps installed5
Businesses that embrace BYOD are at risk from the biggest enterprise to the smallest micro entrepreneur As such SMBs must consider that the BYOD Era today is affected by recent threat trends Q1 saw cybercriminals paying more attention to the mobile front6 Cybercriminals will always target the popular platform mdash the more popular the more potential victims there are to take advantage of
5 httpfearlesswebtrendmicrocom2012misconly-20-of-android-mobile-device-users-have-a-security-app-installed
6 httpwwwtrendmicrocomcloud-contentuspdfssecurity-intelligencereportsrpt_security_in_the_age_of_mobilitypdf
Critical data on mobile devices are at riskAccording to a Ponemon Institute study the companyrsquos own employees are the biggest threat to company data Employees risk losing data when their devices are stolen or not sufficiently secured from data-stealing malware The same study also shows that employee negligence is the root of many data breaches Smaller organizations or SMBs have a slightly higher rate of data breaches because of negligent or malicious employees or insiders7
Mobile devices also have a high risk of theft In fact smartphones and cellphones make up 30 to 40 of all robberies in major US cities accounting for 27000 thefts8 SMBs must realize that mobile devices need the same if not even more protection than desktops With the consumer smartphone experience geared towards quick and easy access to personal information a compromised business smartphone is like giving a cybercriminal complete access to critical company data
Employees risk losing important company data via their mobile devices through the following means
bull Connecting to unsecure wireless networksbull Downloading and installing unapproved appsbull Visiting possibly malicious websitesbull Leaving the mobile device unattended
These along with accidental loss of the actual device pose serious risks to an SMBrsquos data
7 httpwwwtrendmicrocomcloud-contentuspdfssecurity-intelligencereportsrpt_trend-micro_ponemon-survey-2012pdf
8 httpwwwfccgovdocumentchairman-remarks-stolen-cell-phones-initiative
Information-stealing malware are one of the most prevalent Android
malware types
Malware that affect BYOD devices existCybercriminals have expanded their reach Aside from desktops they are targeting mobile devices too due to the latterrsquos popularity and expanding user base Once infected the damage done to the device does not stop at the employee but also the company he is tied to9
Mobile malware can do a lot of harm to a business Information-stealing malware one of the most prevalent Android malware types can log steal and publish almost everything an employee does on their mobile The stolen data can include incoming and outgoing calls and text messages address book and usersrsquo location detected by GPS Such malware can pave the way to a potential data breach10
Rooter malware take control of Android devices and its functions as soon as itrsquos installed in a mobile device This grants cybercriminals remote access to affected devices It also gives access to the SMBrsquos network once the device is connected to it
9 httpblogtrendmicrocombeta-version-of-spytool-app-for-android-steals-sms-messages10 httpblogtrendmicrocommore-spying-tools-being-seen-in-application-markets
Attackersrsquo penchant for the Android OS spurred
5000 new malicious apps in Q1
2012 alone
Android is the most targeted mobile OSCybercriminals have always attacked the most popular OS to maximize their potential number of victims Androidrsquos popularity yielding a 509 percent market share among end users and companies makes the OS a constant favorite among cybercriminals11 Attackersrsquo penchant for the Android OS spurred 5000 new malicious apps in Q1 2012 alone The fact that Android is the second most supported mobile OS in SMBs today makes it an even more inviting prospect12 In fact Trend Micro is seeing more than 129000 malicious apps created to target Android users13
What does this mean for SMBs While Android devices are still a viable choice for supplementing an SMBrsquos mobility needs SMBs must also consider the amount of malware targeting the platform and adjust the security policies accordingly
11 httpwwwcomscorecomPress_EventsPress_Releases20127comScore_Reports_May_2012_US_Mobile_Subscriber_Market_Share
12 httpwwweweekcomcaMobile-and-WirelessBYOD-Adoption-Rises-Along-with-SMB-IT-Budgets-Spiceworks-536178
13 httpblogtrendmicrocomhow-big-will-the-android-malware-threat-be-in-2012
WHAT YOU CAN DO TO ENJOY THE BENEFITS OF CONSUMERIZATION
To help protect your companyrsquos assets and data from the risks of BYOD
follow these tips and best practices
have a planbull Root out potential pain points that may arise from the adoption of
BYOD for your business and if applicable throughout your entire organization
bull Engage your personnel or departmentsbull Survey the types of devices used by your employees and the potential
device choices in the futurebull For added information you can consult A Guide to Consumerization amp
Building a BYOD Policy
SeT policieSbull Determine which devices will be standard those that will be tolerated
and those that will be unsupported or banned from the networkbull Decide on the parameters on how such individuals are chosen for BYOD
Will it be based on role or locationbull Plan out the procedures taken when devices are lost stolen or
damaged Encourage reporting and honesty
implemenT ToolSbull Trend Microtrade Worry Freetrade Business Security Services supports
the Android platform with features such as App Scanning and Web Reputation This offering also adds Android devices in the list of systems you are able to manage from a central web-based management console
TREND MICROtrade
Trend Micro Incorporated (TYO 4704 TSE 4704) a global cloud secu-rity leader creates a world safe for exchanging digital information with its Internet content security and threat management solutions for busi-nesses and consumers A pioneer in server security with over 20 yearsrsquo experience we deliver top-ranked client server and cloud-based security that fits our customersrsquo and partnersrsquo needs stops new threats faster and protects data in physical virtualized and cloud environments Powered by the industry-leading Trend Microtrade Smart Protection Networktrade cloud computing security infrastructure our products and services stop threats where they emergemdashfrom the Inter-net They are supported by 1000+ threat intelligence experts around the globe
TRENDLABSSM
TrendLabs is a multinational research development and support center with an extensive regional presence committed to 24 x 7 threat surveillance attack prevention and timely and seamless solutions delivery With more than 1000 threat experts and support engineers deployed round-the-clock in labs located around the globe TrendLabs enables Trend Micro to continuously monitor the threat landscape across the globe deliver real-time data to detect to preempt and to eliminate threats research on and analyze technologies to combat new threats respond in real time to targeted threats and help custom-ers worldwide minimize damage reduce costs and ensure business continuity
copy2012 by Trend Micro Incorporated All rights reserved Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated All other product or company names may be trademarks or registered trademarks of their owners
43 of SMBs said that they are open to adopting mobility seeing
support for mobile devices and smartphones as a key
priority
BYOD for SMBs is inevitableConsumerization is the trend of using consumer technology in a business organization by its own employees BYOD is a facet of consumerization where employees bring their personal devices like mobile phones laptops and tablets and use them for work usually connecting them to the company network too1
The BYOD Era in SMBs is here to stay It is an essential development that SMBs need to keep up with the competition2
Research shows that SMBs are open to adopting mobility with 43 of SMBs seeing support for mobile devices and smartphones as a key priority3 With the whole world going mobile SMB owners are also using mobile apps to help them save time increase revenue and productivity and reduce costs4
1 httpconsumerizationtrendmicrocomthe-consumerization-university-day-1-consumerization-is-disruptive
2 httpslearningnetworkciscocomblogsvip-perspectives20120609bring-your-own-devicebyod-fad-or-future
3 httpblogsforrestercommichele_pelino10-09-24-mobility_momentum_intensifies_among_small_and_medium_size_businesses
4 httpwwwsbecouncilorguploadsMobile20APP20Final20Report20SBE20Councilpdf
Only 20 of Android-based devices
have security apps installed
SMBs should expect the security challenges that come with BYODRegardless of size any business that adopts mobility should realize that they open themselves up to certain threats
The large number of 400 million activated Android-based devices means to big business for both Google and those who target the OS Moreover we found that only 20 of Android-based devices have security apps installed5
Businesses that embrace BYOD are at risk from the biggest enterprise to the smallest micro entrepreneur As such SMBs must consider that the BYOD Era today is affected by recent threat trends Q1 saw cybercriminals paying more attention to the mobile front6 Cybercriminals will always target the popular platform mdash the more popular the more potential victims there are to take advantage of
5 httpfearlesswebtrendmicrocom2012misconly-20-of-android-mobile-device-users-have-a-security-app-installed
6 httpwwwtrendmicrocomcloud-contentuspdfssecurity-intelligencereportsrpt_security_in_the_age_of_mobilitypdf
Critical data on mobile devices are at riskAccording to a Ponemon Institute study the companyrsquos own employees are the biggest threat to company data Employees risk losing data when their devices are stolen or not sufficiently secured from data-stealing malware The same study also shows that employee negligence is the root of many data breaches Smaller organizations or SMBs have a slightly higher rate of data breaches because of negligent or malicious employees or insiders7
Mobile devices also have a high risk of theft In fact smartphones and cellphones make up 30 to 40 of all robberies in major US cities accounting for 27000 thefts8 SMBs must realize that mobile devices need the same if not even more protection than desktops With the consumer smartphone experience geared towards quick and easy access to personal information a compromised business smartphone is like giving a cybercriminal complete access to critical company data
Employees risk losing important company data via their mobile devices through the following means
bull Connecting to unsecure wireless networksbull Downloading and installing unapproved appsbull Visiting possibly malicious websitesbull Leaving the mobile device unattended
These along with accidental loss of the actual device pose serious risks to an SMBrsquos data
7 httpwwwtrendmicrocomcloud-contentuspdfssecurity-intelligencereportsrpt_trend-micro_ponemon-survey-2012pdf
8 httpwwwfccgovdocumentchairman-remarks-stolen-cell-phones-initiative
Information-stealing malware are one of the most prevalent Android
malware types
Malware that affect BYOD devices existCybercriminals have expanded their reach Aside from desktops they are targeting mobile devices too due to the latterrsquos popularity and expanding user base Once infected the damage done to the device does not stop at the employee but also the company he is tied to9
Mobile malware can do a lot of harm to a business Information-stealing malware one of the most prevalent Android malware types can log steal and publish almost everything an employee does on their mobile The stolen data can include incoming and outgoing calls and text messages address book and usersrsquo location detected by GPS Such malware can pave the way to a potential data breach10
Rooter malware take control of Android devices and its functions as soon as itrsquos installed in a mobile device This grants cybercriminals remote access to affected devices It also gives access to the SMBrsquos network once the device is connected to it
9 httpblogtrendmicrocombeta-version-of-spytool-app-for-android-steals-sms-messages10 httpblogtrendmicrocommore-spying-tools-being-seen-in-application-markets
Attackersrsquo penchant for the Android OS spurred
5000 new malicious apps in Q1
2012 alone
Android is the most targeted mobile OSCybercriminals have always attacked the most popular OS to maximize their potential number of victims Androidrsquos popularity yielding a 509 percent market share among end users and companies makes the OS a constant favorite among cybercriminals11 Attackersrsquo penchant for the Android OS spurred 5000 new malicious apps in Q1 2012 alone The fact that Android is the second most supported mobile OS in SMBs today makes it an even more inviting prospect12 In fact Trend Micro is seeing more than 129000 malicious apps created to target Android users13
What does this mean for SMBs While Android devices are still a viable choice for supplementing an SMBrsquos mobility needs SMBs must also consider the amount of malware targeting the platform and adjust the security policies accordingly
11 httpwwwcomscorecomPress_EventsPress_Releases20127comScore_Reports_May_2012_US_Mobile_Subscriber_Market_Share
12 httpwwweweekcomcaMobile-and-WirelessBYOD-Adoption-Rises-Along-with-SMB-IT-Budgets-Spiceworks-536178
13 httpblogtrendmicrocomhow-big-will-the-android-malware-threat-be-in-2012
WHAT YOU CAN DO TO ENJOY THE BENEFITS OF CONSUMERIZATION
To help protect your companyrsquos assets and data from the risks of BYOD
follow these tips and best practices
have a planbull Root out potential pain points that may arise from the adoption of
BYOD for your business and if applicable throughout your entire organization
bull Engage your personnel or departmentsbull Survey the types of devices used by your employees and the potential
device choices in the futurebull For added information you can consult A Guide to Consumerization amp
Building a BYOD Policy
SeT policieSbull Determine which devices will be standard those that will be tolerated
and those that will be unsupported or banned from the networkbull Decide on the parameters on how such individuals are chosen for BYOD
Will it be based on role or locationbull Plan out the procedures taken when devices are lost stolen or
damaged Encourage reporting and honesty
implemenT ToolSbull Trend Microtrade Worry Freetrade Business Security Services supports
the Android platform with features such as App Scanning and Web Reputation This offering also adds Android devices in the list of systems you are able to manage from a central web-based management console
TREND MICROtrade
Trend Micro Incorporated (TYO 4704 TSE 4704) a global cloud secu-rity leader creates a world safe for exchanging digital information with its Internet content security and threat management solutions for busi-nesses and consumers A pioneer in server security with over 20 yearsrsquo experience we deliver top-ranked client server and cloud-based security that fits our customersrsquo and partnersrsquo needs stops new threats faster and protects data in physical virtualized and cloud environments Powered by the industry-leading Trend Microtrade Smart Protection Networktrade cloud computing security infrastructure our products and services stop threats where they emergemdashfrom the Inter-net They are supported by 1000+ threat intelligence experts around the globe
TRENDLABSSM
TrendLabs is a multinational research development and support center with an extensive regional presence committed to 24 x 7 threat surveillance attack prevention and timely and seamless solutions delivery With more than 1000 threat experts and support engineers deployed round-the-clock in labs located around the globe TrendLabs enables Trend Micro to continuously monitor the threat landscape across the globe deliver real-time data to detect to preempt and to eliminate threats research on and analyze technologies to combat new threats respond in real time to targeted threats and help custom-ers worldwide minimize damage reduce costs and ensure business continuity
copy2012 by Trend Micro Incorporated All rights reserved Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated All other product or company names may be trademarks or registered trademarks of their owners
Only 20 of Android-based devices
have security apps installed
SMBs should expect the security challenges that come with BYODRegardless of size any business that adopts mobility should realize that they open themselves up to certain threats
The large number of 400 million activated Android-based devices means to big business for both Google and those who target the OS Moreover we found that only 20 of Android-based devices have security apps installed5
Businesses that embrace BYOD are at risk from the biggest enterprise to the smallest micro entrepreneur As such SMBs must consider that the BYOD Era today is affected by recent threat trends Q1 saw cybercriminals paying more attention to the mobile front6 Cybercriminals will always target the popular platform mdash the more popular the more potential victims there are to take advantage of
5 httpfearlesswebtrendmicrocom2012misconly-20-of-android-mobile-device-users-have-a-security-app-installed
6 httpwwwtrendmicrocomcloud-contentuspdfssecurity-intelligencereportsrpt_security_in_the_age_of_mobilitypdf
Critical data on mobile devices are at riskAccording to a Ponemon Institute study the companyrsquos own employees are the biggest threat to company data Employees risk losing data when their devices are stolen or not sufficiently secured from data-stealing malware The same study also shows that employee negligence is the root of many data breaches Smaller organizations or SMBs have a slightly higher rate of data breaches because of negligent or malicious employees or insiders7
Mobile devices also have a high risk of theft In fact smartphones and cellphones make up 30 to 40 of all robberies in major US cities accounting for 27000 thefts8 SMBs must realize that mobile devices need the same if not even more protection than desktops With the consumer smartphone experience geared towards quick and easy access to personal information a compromised business smartphone is like giving a cybercriminal complete access to critical company data
Employees risk losing important company data via their mobile devices through the following means
bull Connecting to unsecure wireless networksbull Downloading and installing unapproved appsbull Visiting possibly malicious websitesbull Leaving the mobile device unattended
These along with accidental loss of the actual device pose serious risks to an SMBrsquos data
7 httpwwwtrendmicrocomcloud-contentuspdfssecurity-intelligencereportsrpt_trend-micro_ponemon-survey-2012pdf
8 httpwwwfccgovdocumentchairman-remarks-stolen-cell-phones-initiative
Information-stealing malware are one of the most prevalent Android
malware types
Malware that affect BYOD devices existCybercriminals have expanded their reach Aside from desktops they are targeting mobile devices too due to the latterrsquos popularity and expanding user base Once infected the damage done to the device does not stop at the employee but also the company he is tied to9
Mobile malware can do a lot of harm to a business Information-stealing malware one of the most prevalent Android malware types can log steal and publish almost everything an employee does on their mobile The stolen data can include incoming and outgoing calls and text messages address book and usersrsquo location detected by GPS Such malware can pave the way to a potential data breach10
Rooter malware take control of Android devices and its functions as soon as itrsquos installed in a mobile device This grants cybercriminals remote access to affected devices It also gives access to the SMBrsquos network once the device is connected to it
9 httpblogtrendmicrocombeta-version-of-spytool-app-for-android-steals-sms-messages10 httpblogtrendmicrocommore-spying-tools-being-seen-in-application-markets
Attackersrsquo penchant for the Android OS spurred
5000 new malicious apps in Q1
2012 alone
Android is the most targeted mobile OSCybercriminals have always attacked the most popular OS to maximize their potential number of victims Androidrsquos popularity yielding a 509 percent market share among end users and companies makes the OS a constant favorite among cybercriminals11 Attackersrsquo penchant for the Android OS spurred 5000 new malicious apps in Q1 2012 alone The fact that Android is the second most supported mobile OS in SMBs today makes it an even more inviting prospect12 In fact Trend Micro is seeing more than 129000 malicious apps created to target Android users13
What does this mean for SMBs While Android devices are still a viable choice for supplementing an SMBrsquos mobility needs SMBs must also consider the amount of malware targeting the platform and adjust the security policies accordingly
11 httpwwwcomscorecomPress_EventsPress_Releases20127comScore_Reports_May_2012_US_Mobile_Subscriber_Market_Share
12 httpwwweweekcomcaMobile-and-WirelessBYOD-Adoption-Rises-Along-with-SMB-IT-Budgets-Spiceworks-536178
13 httpblogtrendmicrocomhow-big-will-the-android-malware-threat-be-in-2012
WHAT YOU CAN DO TO ENJOY THE BENEFITS OF CONSUMERIZATION
To help protect your companyrsquos assets and data from the risks of BYOD
follow these tips and best practices
have a planbull Root out potential pain points that may arise from the adoption of
BYOD for your business and if applicable throughout your entire organization
bull Engage your personnel or departmentsbull Survey the types of devices used by your employees and the potential
device choices in the futurebull For added information you can consult A Guide to Consumerization amp
Building a BYOD Policy
SeT policieSbull Determine which devices will be standard those that will be tolerated
and those that will be unsupported or banned from the networkbull Decide on the parameters on how such individuals are chosen for BYOD
Will it be based on role or locationbull Plan out the procedures taken when devices are lost stolen or
damaged Encourage reporting and honesty
implemenT ToolSbull Trend Microtrade Worry Freetrade Business Security Services supports
the Android platform with features such as App Scanning and Web Reputation This offering also adds Android devices in the list of systems you are able to manage from a central web-based management console
TREND MICROtrade
Trend Micro Incorporated (TYO 4704 TSE 4704) a global cloud secu-rity leader creates a world safe for exchanging digital information with its Internet content security and threat management solutions for busi-nesses and consumers A pioneer in server security with over 20 yearsrsquo experience we deliver top-ranked client server and cloud-based security that fits our customersrsquo and partnersrsquo needs stops new threats faster and protects data in physical virtualized and cloud environments Powered by the industry-leading Trend Microtrade Smart Protection Networktrade cloud computing security infrastructure our products and services stop threats where they emergemdashfrom the Inter-net They are supported by 1000+ threat intelligence experts around the globe
TRENDLABSSM
TrendLabs is a multinational research development and support center with an extensive regional presence committed to 24 x 7 threat surveillance attack prevention and timely and seamless solutions delivery With more than 1000 threat experts and support engineers deployed round-the-clock in labs located around the globe TrendLabs enables Trend Micro to continuously monitor the threat landscape across the globe deliver real-time data to detect to preempt and to eliminate threats research on and analyze technologies to combat new threats respond in real time to targeted threats and help custom-ers worldwide minimize damage reduce costs and ensure business continuity
copy2012 by Trend Micro Incorporated All rights reserved Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated All other product or company names may be trademarks or registered trademarks of their owners
Critical data on mobile devices are at riskAccording to a Ponemon Institute study the companyrsquos own employees are the biggest threat to company data Employees risk losing data when their devices are stolen or not sufficiently secured from data-stealing malware The same study also shows that employee negligence is the root of many data breaches Smaller organizations or SMBs have a slightly higher rate of data breaches because of negligent or malicious employees or insiders7
Mobile devices also have a high risk of theft In fact smartphones and cellphones make up 30 to 40 of all robberies in major US cities accounting for 27000 thefts8 SMBs must realize that mobile devices need the same if not even more protection than desktops With the consumer smartphone experience geared towards quick and easy access to personal information a compromised business smartphone is like giving a cybercriminal complete access to critical company data
Employees risk losing important company data via their mobile devices through the following means
bull Connecting to unsecure wireless networksbull Downloading and installing unapproved appsbull Visiting possibly malicious websitesbull Leaving the mobile device unattended
These along with accidental loss of the actual device pose serious risks to an SMBrsquos data
7 httpwwwtrendmicrocomcloud-contentuspdfssecurity-intelligencereportsrpt_trend-micro_ponemon-survey-2012pdf
8 httpwwwfccgovdocumentchairman-remarks-stolen-cell-phones-initiative
Information-stealing malware are one of the most prevalent Android
malware types
Malware that affect BYOD devices existCybercriminals have expanded their reach Aside from desktops they are targeting mobile devices too due to the latterrsquos popularity and expanding user base Once infected the damage done to the device does not stop at the employee but also the company he is tied to9
Mobile malware can do a lot of harm to a business Information-stealing malware one of the most prevalent Android malware types can log steal and publish almost everything an employee does on their mobile The stolen data can include incoming and outgoing calls and text messages address book and usersrsquo location detected by GPS Such malware can pave the way to a potential data breach10
Rooter malware take control of Android devices and its functions as soon as itrsquos installed in a mobile device This grants cybercriminals remote access to affected devices It also gives access to the SMBrsquos network once the device is connected to it
9 httpblogtrendmicrocombeta-version-of-spytool-app-for-android-steals-sms-messages10 httpblogtrendmicrocommore-spying-tools-being-seen-in-application-markets
Attackersrsquo penchant for the Android OS spurred
5000 new malicious apps in Q1
2012 alone
Android is the most targeted mobile OSCybercriminals have always attacked the most popular OS to maximize their potential number of victims Androidrsquos popularity yielding a 509 percent market share among end users and companies makes the OS a constant favorite among cybercriminals11 Attackersrsquo penchant for the Android OS spurred 5000 new malicious apps in Q1 2012 alone The fact that Android is the second most supported mobile OS in SMBs today makes it an even more inviting prospect12 In fact Trend Micro is seeing more than 129000 malicious apps created to target Android users13
What does this mean for SMBs While Android devices are still a viable choice for supplementing an SMBrsquos mobility needs SMBs must also consider the amount of malware targeting the platform and adjust the security policies accordingly
11 httpwwwcomscorecomPress_EventsPress_Releases20127comScore_Reports_May_2012_US_Mobile_Subscriber_Market_Share
12 httpwwweweekcomcaMobile-and-WirelessBYOD-Adoption-Rises-Along-with-SMB-IT-Budgets-Spiceworks-536178
13 httpblogtrendmicrocomhow-big-will-the-android-malware-threat-be-in-2012
WHAT YOU CAN DO TO ENJOY THE BENEFITS OF CONSUMERIZATION
To help protect your companyrsquos assets and data from the risks of BYOD
follow these tips and best practices
have a planbull Root out potential pain points that may arise from the adoption of
BYOD for your business and if applicable throughout your entire organization
bull Engage your personnel or departmentsbull Survey the types of devices used by your employees and the potential
device choices in the futurebull For added information you can consult A Guide to Consumerization amp
Building a BYOD Policy
SeT policieSbull Determine which devices will be standard those that will be tolerated
and those that will be unsupported or banned from the networkbull Decide on the parameters on how such individuals are chosen for BYOD
Will it be based on role or locationbull Plan out the procedures taken when devices are lost stolen or
damaged Encourage reporting and honesty
implemenT ToolSbull Trend Microtrade Worry Freetrade Business Security Services supports
the Android platform with features such as App Scanning and Web Reputation This offering also adds Android devices in the list of systems you are able to manage from a central web-based management console
TREND MICROtrade
Trend Micro Incorporated (TYO 4704 TSE 4704) a global cloud secu-rity leader creates a world safe for exchanging digital information with its Internet content security and threat management solutions for busi-nesses and consumers A pioneer in server security with over 20 yearsrsquo experience we deliver top-ranked client server and cloud-based security that fits our customersrsquo and partnersrsquo needs stops new threats faster and protects data in physical virtualized and cloud environments Powered by the industry-leading Trend Microtrade Smart Protection Networktrade cloud computing security infrastructure our products and services stop threats where they emergemdashfrom the Inter-net They are supported by 1000+ threat intelligence experts around the globe
TRENDLABSSM
TrendLabs is a multinational research development and support center with an extensive regional presence committed to 24 x 7 threat surveillance attack prevention and timely and seamless solutions delivery With more than 1000 threat experts and support engineers deployed round-the-clock in labs located around the globe TrendLabs enables Trend Micro to continuously monitor the threat landscape across the globe deliver real-time data to detect to preempt and to eliminate threats research on and analyze technologies to combat new threats respond in real time to targeted threats and help custom-ers worldwide minimize damage reduce costs and ensure business continuity
copy2012 by Trend Micro Incorporated All rights reserved Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated All other product or company names may be trademarks or registered trademarks of their owners
Information-stealing malware are one of the most prevalent Android
malware types
Malware that affect BYOD devices existCybercriminals have expanded their reach Aside from desktops they are targeting mobile devices too due to the latterrsquos popularity and expanding user base Once infected the damage done to the device does not stop at the employee but also the company he is tied to9
Mobile malware can do a lot of harm to a business Information-stealing malware one of the most prevalent Android malware types can log steal and publish almost everything an employee does on their mobile The stolen data can include incoming and outgoing calls and text messages address book and usersrsquo location detected by GPS Such malware can pave the way to a potential data breach10
Rooter malware take control of Android devices and its functions as soon as itrsquos installed in a mobile device This grants cybercriminals remote access to affected devices It also gives access to the SMBrsquos network once the device is connected to it
9 httpblogtrendmicrocombeta-version-of-spytool-app-for-android-steals-sms-messages10 httpblogtrendmicrocommore-spying-tools-being-seen-in-application-markets
Attackersrsquo penchant for the Android OS spurred
5000 new malicious apps in Q1
2012 alone
Android is the most targeted mobile OSCybercriminals have always attacked the most popular OS to maximize their potential number of victims Androidrsquos popularity yielding a 509 percent market share among end users and companies makes the OS a constant favorite among cybercriminals11 Attackersrsquo penchant for the Android OS spurred 5000 new malicious apps in Q1 2012 alone The fact that Android is the second most supported mobile OS in SMBs today makes it an even more inviting prospect12 In fact Trend Micro is seeing more than 129000 malicious apps created to target Android users13
What does this mean for SMBs While Android devices are still a viable choice for supplementing an SMBrsquos mobility needs SMBs must also consider the amount of malware targeting the platform and adjust the security policies accordingly
11 httpwwwcomscorecomPress_EventsPress_Releases20127comScore_Reports_May_2012_US_Mobile_Subscriber_Market_Share
12 httpwwweweekcomcaMobile-and-WirelessBYOD-Adoption-Rises-Along-with-SMB-IT-Budgets-Spiceworks-536178
13 httpblogtrendmicrocomhow-big-will-the-android-malware-threat-be-in-2012
WHAT YOU CAN DO TO ENJOY THE BENEFITS OF CONSUMERIZATION
To help protect your companyrsquos assets and data from the risks of BYOD
follow these tips and best practices
have a planbull Root out potential pain points that may arise from the adoption of
BYOD for your business and if applicable throughout your entire organization
bull Engage your personnel or departmentsbull Survey the types of devices used by your employees and the potential
device choices in the futurebull For added information you can consult A Guide to Consumerization amp
Building a BYOD Policy
SeT policieSbull Determine which devices will be standard those that will be tolerated
and those that will be unsupported or banned from the networkbull Decide on the parameters on how such individuals are chosen for BYOD
Will it be based on role or locationbull Plan out the procedures taken when devices are lost stolen or
damaged Encourage reporting and honesty
implemenT ToolSbull Trend Microtrade Worry Freetrade Business Security Services supports
the Android platform with features such as App Scanning and Web Reputation This offering also adds Android devices in the list of systems you are able to manage from a central web-based management console
TREND MICROtrade
Trend Micro Incorporated (TYO 4704 TSE 4704) a global cloud secu-rity leader creates a world safe for exchanging digital information with its Internet content security and threat management solutions for busi-nesses and consumers A pioneer in server security with over 20 yearsrsquo experience we deliver top-ranked client server and cloud-based security that fits our customersrsquo and partnersrsquo needs stops new threats faster and protects data in physical virtualized and cloud environments Powered by the industry-leading Trend Microtrade Smart Protection Networktrade cloud computing security infrastructure our products and services stop threats where they emergemdashfrom the Inter-net They are supported by 1000+ threat intelligence experts around the globe
TRENDLABSSM
TrendLabs is a multinational research development and support center with an extensive regional presence committed to 24 x 7 threat surveillance attack prevention and timely and seamless solutions delivery With more than 1000 threat experts and support engineers deployed round-the-clock in labs located around the globe TrendLabs enables Trend Micro to continuously monitor the threat landscape across the globe deliver real-time data to detect to preempt and to eliminate threats research on and analyze technologies to combat new threats respond in real time to targeted threats and help custom-ers worldwide minimize damage reduce costs and ensure business continuity
copy2012 by Trend Micro Incorporated All rights reserved Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated All other product or company names may be trademarks or registered trademarks of their owners
Attackersrsquo penchant for the Android OS spurred
5000 new malicious apps in Q1
2012 alone
Android is the most targeted mobile OSCybercriminals have always attacked the most popular OS to maximize their potential number of victims Androidrsquos popularity yielding a 509 percent market share among end users and companies makes the OS a constant favorite among cybercriminals11 Attackersrsquo penchant for the Android OS spurred 5000 new malicious apps in Q1 2012 alone The fact that Android is the second most supported mobile OS in SMBs today makes it an even more inviting prospect12 In fact Trend Micro is seeing more than 129000 malicious apps created to target Android users13
What does this mean for SMBs While Android devices are still a viable choice for supplementing an SMBrsquos mobility needs SMBs must also consider the amount of malware targeting the platform and adjust the security policies accordingly
11 httpwwwcomscorecomPress_EventsPress_Releases20127comScore_Reports_May_2012_US_Mobile_Subscriber_Market_Share
12 httpwwweweekcomcaMobile-and-WirelessBYOD-Adoption-Rises-Along-with-SMB-IT-Budgets-Spiceworks-536178
13 httpblogtrendmicrocomhow-big-will-the-android-malware-threat-be-in-2012
WHAT YOU CAN DO TO ENJOY THE BENEFITS OF CONSUMERIZATION
To help protect your companyrsquos assets and data from the risks of BYOD
follow these tips and best practices
have a planbull Root out potential pain points that may arise from the adoption of
BYOD for your business and if applicable throughout your entire organization
bull Engage your personnel or departmentsbull Survey the types of devices used by your employees and the potential
device choices in the futurebull For added information you can consult A Guide to Consumerization amp
Building a BYOD Policy
SeT policieSbull Determine which devices will be standard those that will be tolerated
and those that will be unsupported or banned from the networkbull Decide on the parameters on how such individuals are chosen for BYOD
Will it be based on role or locationbull Plan out the procedures taken when devices are lost stolen or
damaged Encourage reporting and honesty
implemenT ToolSbull Trend Microtrade Worry Freetrade Business Security Services supports
the Android platform with features such as App Scanning and Web Reputation This offering also adds Android devices in the list of systems you are able to manage from a central web-based management console
TREND MICROtrade
Trend Micro Incorporated (TYO 4704 TSE 4704) a global cloud secu-rity leader creates a world safe for exchanging digital information with its Internet content security and threat management solutions for busi-nesses and consumers A pioneer in server security with over 20 yearsrsquo experience we deliver top-ranked client server and cloud-based security that fits our customersrsquo and partnersrsquo needs stops new threats faster and protects data in physical virtualized and cloud environments Powered by the industry-leading Trend Microtrade Smart Protection Networktrade cloud computing security infrastructure our products and services stop threats where they emergemdashfrom the Inter-net They are supported by 1000+ threat intelligence experts around the globe
TRENDLABSSM
TrendLabs is a multinational research development and support center with an extensive regional presence committed to 24 x 7 threat surveillance attack prevention and timely and seamless solutions delivery With more than 1000 threat experts and support engineers deployed round-the-clock in labs located around the globe TrendLabs enables Trend Micro to continuously monitor the threat landscape across the globe deliver real-time data to detect to preempt and to eliminate threats research on and analyze technologies to combat new threats respond in real time to targeted threats and help custom-ers worldwide minimize damage reduce costs and ensure business continuity
copy2012 by Trend Micro Incorporated All rights reserved Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated All other product or company names may be trademarks or registered trademarks of their owners
WHAT YOU CAN DO TO ENJOY THE BENEFITS OF CONSUMERIZATION
To help protect your companyrsquos assets and data from the risks of BYOD
follow these tips and best practices
have a planbull Root out potential pain points that may arise from the adoption of
BYOD for your business and if applicable throughout your entire organization
bull Engage your personnel or departmentsbull Survey the types of devices used by your employees and the potential
device choices in the futurebull For added information you can consult A Guide to Consumerization amp
Building a BYOD Policy
SeT policieSbull Determine which devices will be standard those that will be tolerated
and those that will be unsupported or banned from the networkbull Decide on the parameters on how such individuals are chosen for BYOD
Will it be based on role or locationbull Plan out the procedures taken when devices are lost stolen or
damaged Encourage reporting and honesty
implemenT ToolSbull Trend Microtrade Worry Freetrade Business Security Services supports
the Android platform with features such as App Scanning and Web Reputation This offering also adds Android devices in the list of systems you are able to manage from a central web-based management console
TREND MICROtrade
Trend Micro Incorporated (TYO 4704 TSE 4704) a global cloud secu-rity leader creates a world safe for exchanging digital information with its Internet content security and threat management solutions for busi-nesses and consumers A pioneer in server security with over 20 yearsrsquo experience we deliver top-ranked client server and cloud-based security that fits our customersrsquo and partnersrsquo needs stops new threats faster and protects data in physical virtualized and cloud environments Powered by the industry-leading Trend Microtrade Smart Protection Networktrade cloud computing security infrastructure our products and services stop threats where they emergemdashfrom the Inter-net They are supported by 1000+ threat intelligence experts around the globe
TRENDLABSSM
TrendLabs is a multinational research development and support center with an extensive regional presence committed to 24 x 7 threat surveillance attack prevention and timely and seamless solutions delivery With more than 1000 threat experts and support engineers deployed round-the-clock in labs located around the globe TrendLabs enables Trend Micro to continuously monitor the threat landscape across the globe deliver real-time data to detect to preempt and to eliminate threats research on and analyze technologies to combat new threats respond in real time to targeted threats and help custom-ers worldwide minimize damage reduce costs and ensure business continuity
copy2012 by Trend Micro Incorporated All rights reserved Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated All other product or company names may be trademarks or registered trademarks of their owners
TREND MICROtrade
Trend Micro Incorporated (TYO 4704 TSE 4704) a global cloud secu-rity leader creates a world safe for exchanging digital information with its Internet content security and threat management solutions for busi-nesses and consumers A pioneer in server security with over 20 yearsrsquo experience we deliver top-ranked client server and cloud-based security that fits our customersrsquo and partnersrsquo needs stops new threats faster and protects data in physical virtualized and cloud environments Powered by the industry-leading Trend Microtrade Smart Protection Networktrade cloud computing security infrastructure our products and services stop threats where they emergemdashfrom the Inter-net They are supported by 1000+ threat intelligence experts around the globe
TRENDLABSSM
TrendLabs is a multinational research development and support center with an extensive regional presence committed to 24 x 7 threat surveillance attack prevention and timely and seamless solutions delivery With more than 1000 threat experts and support engineers deployed round-the-clock in labs located around the globe TrendLabs enables Trend Micro to continuously monitor the threat landscape across the globe deliver real-time data to detect to preempt and to eliminate threats research on and analyze technologies to combat new threats respond in real time to targeted threats and help custom-ers worldwide minimize damage reduce costs and ensure business continuity
copy2012 by Trend Micro Incorporated All rights reserved Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated All other product or company names may be trademarks or registered trademarks of their owners