{"id":102177,"date":"2019-10-02T06:00:43","date_gmt":"2019-10-02T13:00:43","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=102177"},"modified":"2019-10-01T13:59:44","modified_gmt":"2019-10-01T20:59:44","slug":"cloud-mobile-security-threats","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2019\/10\/cloud-mobile-security-threats\/","title":{"rendered":"The Top 5 Mobile Security Threats and How to Mitigate Them"},"content":{"rendered":"

By Evin Safdia, Technical Marketing Manager, Prisma<\/span><\/p>\n

While the average worker has grown as comfortable using mobile devices as desktop computers, security teams have yet to catch up. Mobile devices have emerged in recent years as the leading platform for cybercrime and cybersecurity threats against organizations. However, organizations are still working to protect these relatively new additions to enterprise networks, especially since they often contain a mixture of business and personal data.<\/span><\/p>\n

Some of the biggest mobile security threats companies are seeing recently include:\u00a0\u00a0<\/span><\/p>\n

    \n
  1. Phishing Threats<\/b>: In the past, <\/span>phishing attacks<\/span><\/a> largely took place by email. Today, they\u2019re primarily happening through mobile channels, such as text messaging (SMS), Facebook Messenger, WhatsApp and phony websites that look legitimate, including some that even start with the secure HTTPS extension. Spear phishing is also a rising threat as hackers target specific employees or organizations through mobile devices in order to gain access to sensitive data.\u00a0<\/span><\/li>\n
  2. Mobile Malware:<\/b> Every website visited or link clicked has the potential to infect mobile devices with malware, such as spyware, ransomware, Trojan viruses, adware and others.<\/li>\n
  3. Fake Public Wi-Fi Networks:<\/b> Many mobile workers today use public Wi-Fi networks at coffee shops, airports, restaurants and other locations whenever they\u2019re working outside the office. Because most cybercriminals are aware of this, they often leverage these networks to trick mobile users into connecting to fake Wi-Fi networks, placing data at risk. What\u2019s worse is, even when a company does have a policy in place against using public Wi-Fi networks, 81% of employees admit they still use them anyway<\/a>.<\/li>\n
  4. Malicious Apps<\/b>: The world is full of software applications that can either be used over the internet or downloaded from websites, Apple App Store or Google Play. Many of these applications are legitimate and safe to use, but there are also thousands that aren\u2019t. Thus, downloading an app or granting an app permission to access functions on a mobile device may expose the user\u2019s company to a host of security and privacy risks. Some apps even collect data without asking the user for permission.<\/li>\n
  5. Data Leaks<\/b>: Data leaks occur with any unauthorized or unintentional transfer of data from inside an organization to an external party or destination. These leaks can range from someone inside a company accidentally transferring confidential or sensitive data to a public cloud, instead of a private one, all the way to an attacker or a disgruntled employee deliberately stealing the company\u2019s data. Mobile devices, which often contain a mixture of business and personal data, make it even easier to blur the boundaries around enterprise data inadvertently or purposefully.<\/li>\n<\/ol>\n

    Even though these threats are real and continue to grow every day, most companies still don\u2019t have robust security in place to protect and defend themselves and their mobile users.\u00a0<\/span><\/p>\n

    \n