Ideas for Combatting DoD Mobile Security Threats
In government, mobile devices are both embraced and resisted. The mobility and ease of use afforded by smartphones and tablets help boost worker productivity, even as the devices open doors for hackers. According to research by Wandera, in 2018 there were 455,121 mobile phishing attacks, 1.9 million Wi-Fi incidents, and 32,846 malware attacks.
Agencies may not be moving quickly enough to keep up with the rapidly evolving threat landscape. The Department of Homeland Security’s Continuous Diagnostics and Mitigation program (CDM), for example, provides agencies with a rigorous approach to better cybersecurity enforcement. However, a report from the Government Accountability Office indicated only four agencies have made it to Phase 3 of the CDM program, while 19 agencies haven’t even begun to implement CDM.
As government organizations continue with their CDM efforts, here are a few other strategies they can implement now to better defend against rising mobile threats.
- Endpoint security to address sophisticated attack methods. Today, bad actors are opting for social engineering, such as mobile phishing (which research shows is harder to spot than email lures), whaling, pretexting, and baiting. To defend against these threats, agencies must implement endpoint detection capable of immediately alerting them to unknown or unauthorized devices on the network. Administrators can then investigate the occurrence and, if necessary, prohibit the device from accessing the network.
- User behavioral monitoring. According to the Wandera report, 1 million smartphone or tablet lock screens were disabled in 2018, allowing hackers to bypass simple four-digit passcodes. Worse, many users never even bothered to implement lock screen protection on their personal devices. Agency administrators can develop baselines of normal device usage for each employee, so they can spot any deviation from those patterns that indicates a person’s device has been compromised.
- User access rights management. Some users may retain their access privileges even after they’ve left an agency, allowing them to sign on to the network. A hacker can do the same, using a compromised account. Administrators can implement systems to automatically scan Active Directory for those who may no longer warrant access to the network and take steps to revoke their privileges.
- User education. Defending against mobile threats should be everyone’s responsibility, especially in a bring-your-own-device environment. Users must be informed of best practices for mobile device security and encouraged to ensure their devices are as protected as possible.
This should go beyond basic security hygiene, such as implementing strong lock screen codes or facial scanning. Users should frequently update their devices to the most recent operating systems, which likely have stronger security protections against known vulnerabilities.
Meanwhile, shadow IT should be discouraged, because installing unauthorized technology can frequently present challenges.
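One way to run the Active Directory scan described under user access rights management, as an added example that is not from the original article. It assumes the ActiveDirectory PowerShell module is installed; the 90-day threshold and the report path are illustrative choices.

```powershell
# Added example: report enabled user accounts that look stale, then dry-run disabling them.
# Assumptions: 90-day inactivity threshold and CSV path are illustrative values.
Import-Module ActiveDirectory

$InactiveDays = 90                       # assumed threshold
$ReportPath   = '.\stale-accounts.csv'   # assumed output location
$cutoff       = (Get-Date).AddDays(-$InactiveDays)

# Enabled users with no logon inside the window. The underlying lastLogonTimestamp
# attribute is only refreshed periodically (about every 14 days by default),
# so treat the result as a review list, not proof of inactivity.
$inactive = Search-ADAccount -AccountInactive -TimeSpan (New-TimeSpan -Days $InactiveDays) -UsersOnly |
    Where-Object Enabled

# Users whose account expiry date has passed but that are still enabled.
$expired = Search-ADAccount -AccountExpired -UsersOnly | Where-Object Enabled

$report = @($inactive) + @($expired) |
    Sort-Object DistinguishedName -Unique |
    ForEach-Object {
        $u = Get-ADUser -Identity $_.DistinguishedName `
            -Properties LastLogonDate, whenCreated, MemberOf, AccountExpirationDate

        # Skip accounts created inside the window that have simply not logged on yet.
        if (-not $u.LastLogonDate -and $u.whenCreated -gt $cutoff) { return }

        [pscustomobject]@{
            SamAccountName = $u.SamAccountName
            LastLogonDate  = $u.LastLogonDate
            Expires        = $u.AccountExpirationDate
            GroupCount     = @($u.MemberOf).Count   # privileges the account still holds
            DN             = $u.DistinguishedName
        }
    }

# Hand the list to whoever confirms departures before anything is changed.
$report | Export-Csv -Path $ReportPath -NoTypeInformation

# Dry run: -WhatIf prints what would be disabled without changing the directory.
foreach ($row in $report) {
    Disable-ADAccount -Identity $row.DN -WhatIf
}
```

Service accounts and other accounts that never log on interactively will appear in this report and need an exemption list before the `-WhatIf` switch is removed.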
It seems like we’ve been talking about the mobile device threat for years, but fortunately, administrators can take steps today to improve their mobile device security postures. Employing a powerful combination of technical processes and old-fashioned awareness can keep administrators ahead of the game.
Find the full article on Government Computer News.