Archon Secure
Solutions
Endpoint
Archon ZV Archon Sidearm Archon Sidearm Mobile GoSilent Cube
Service Offerings
GoSilent Virtual Server Gateway Services
Obfuscation
CAMO GoSilent Global
Archon Manager
Use Cases
Enterprise
An Enterprise Secures its Supply Chain
Government
ASSETT Securing remote workers Securing Mobile Communications For Comms Kits DoD Agency Secures its Supply Chain DoD Agency Mobilizes Communications For Classified Networks Scaling Secure Law Enforcement Agency Solutions for the Future
System Integrators Trusted Integrators
Technology
Certifications
CSfC Certification National Information Assurance Partnership (NIAP) Commercial National Security Algorithm (CNSA) Suite Encryption Federal Information Processing Standards (FIPS) CAVP
Partners
Partner Benefits Become a Partner
Learn
Guides Blog News & Press Events Marketing Collateral CSfC Resource Center IoT Resource Center
About
Who We Are Certifications Careers Contact Us Reference Center
Solutions
Endpoint
Archon ZV Archon Sidearm Archon Sidearm Mobile GoSilent Cube
Service Offerings
GoSilent Virtual Server Gateway Services
Obfuscation
CAMO GoSilent Global
Archon Manager
Use Cases
Enterprise
An Enterprise Secures its Supply Chain
Government
ASSETT Securing remote workers Securing Mobile Communications For Comms Kits DoD Agency Secures its Supply Chain DoD Agency Mobilizes Communications For Classified Networks Scaling Secure Law Enforcement Agency Solutions for the Future
System Integrators Trusted Integrators
Technology
Certifications
CSfC Certification National Information Assurance Partnership (NIAP) Commercial National Security Algorithm (CNSA) Suite Encryption Federal Information Processing Standards (FIPS) CAVP
Partners
Partner Benefits Become a Partner
Learn
Guides Blog News & Press Events Marketing Collateral CSfC Resource Center IoT Resource Center
About
Who We Are Certifications Careers Contact Us Reference Center
Search

Security Challenges in Mobile Devices

Become more aware of the threat landscape and the inherent difficulties in managing mobile devices from a security perspective.
5 min read

Modern mobile devices are a staple technology in almost every enterprise environment. From tech to defense, our reliance on smartphones, tablets and other mobile devices can’t be understated. As we do more and more outside the office, security challenges for mobile devices also evolve. These challenges evolve almost daily, meaning meeting security challenges is that much harder.

Let’s explore some of the security challenges in mobile devices. Hopefully, by the end of this article, you’ll be more aware of the threat landscape and the inherent difficulties in managing mobile devices from a security perspective.

 

-- Article Continues Below --

 

New call-to-action

Read the complete guide on securing data for mobile devices

 

It’s Not Just Mobile Devices

While you can do quite a lot to tackle the risks inherent in mobile devices, the one variable that often evades control is the end-user. This is by and large one of the biggest security challenges in mobile devices.

 

52% of device network attacks, according to research done by Check Point in 2020, fall in the phishing category. Social engineering attacks like this are a cause for concern. Not just because they make up a huge portion of attacks on mobile devices, but it's often a threat that is left squarely to the end-user to avoid. This essentially creates an inherent weak point in any mobile security policy.

 

It’s not just the end-user, either. While enterprise organizations can implement mobile security policies and mobile device management strategies, they often don’t. In fact, 40% of companies surveyed by Verizon claimed that mobile devices posed the most significant security risk. Sacrificing security is a common trope.

It's easy to overlook our dependence on mobile devices in company networks. To adapt to a modern threat landscape, end-users, IT administrators and management need to all be on the same page regarding mobile device security.

 

Blindspots in Security Policies

When it comes to developing robust security policies around mobile devices, organizations do have options. More often than not, though, these options operate on a spectrum with flexibility and convenience on one side and security on the other. For the best results, security-minded enterprise organizations will often opt for a corporate-owned personally enabled (COPE) or corporate-owned business only (COBO) policy toward mobile device use in the workplace.

 

In both of these options, end-users will use a corporate device that gives IT administrators the most control over what’s happening on the device. Even so, threats still exist within this framework that often gets overlooked. Take public Wi-Fi, for example. In large urban areas, it's a pretty common convenience to jump on and off public networks throughout the day.

 

Any way that you cut it, public Wi-Fi presents a huge risk for data security. Kaspersky studied data from over 32 million Wi-Fi hotspots around the world and found that around 25% used no encryption whatsoever. In many of these cases, it's up to the end-user to parse what’s secure and what’s not. Moreover, if those end-users don’t understand best practices for mobile device security, they are essentially walking blind in a risk-dense environment.

 

Digital Exhaust

As we travel through the world, we’re all leaving a digital trail of breadcrumbs in our wake. This data trail is what big names in tech like Apple and Google use to feed their marketing research algorithms. Applications like Chrome or iCloud build these services right into the software. We call this data leak digital exhaust — and it's becoming quite a challenge for securing mobile devices.

 

Data loss via synchronization comes in many different forms. Remote synchronization happens when automated services send data to cloud-based storage systems. This can be through a backup or just sending data to Google without your explicit permission. In most cases, you’ll need to “opt-in” to these features, but most users don’t understand the risks inherent in automatic synchronization and digital exhaust.

 

One big example is the leaking of locational data in the military. Something as innocuous as a fitness app presented a significant risk to the location of top-secret bases across the world. In this instance, it was running heat maps linked to fitness trackers and an application called Strava. When military personnel went on runs around the base’s perimeter, this information was made publicly available — essentially giving away the base’s location.

 

Common Threats in Today’s Risk Landscape

Let’s take a look at some common security threats that face mobile devices in the modern world. We’ve already taken a peek at a few of the biggest threats. Unfortunately, though, you’ll find an evolving list of threats that will constantly need your attention if security is a prime concern:

  • Data leakage — This often happens unintentionally through applications. This is made worse by the fact that most app stores allow for third-party and non-vetted applications. 
  • Unsecure Wi-Fi — We’ve already touched on why this is a big issue. To be safe, following best practices and limiting public Wi-Fi use is a good strategy.
  • Network spoofing — Attackers can set up fake access points that resemble a safe network but instead open up vulnerabilities in your device security. 
  • Broken cryptography — When developers use weak encryption algorithms, it can leave devices vulnerable and open to attacks.

These are just a small selection of the threats that face mobile devices. To stay vigilant, security policies need to adapt to the ever-changing landscape. But that’s only half the battle. Education is also a huge factor in keeping your team safe and secure.

 

Culture and Risk: Why it Matters

While teams can do quite a bit to lock down security from an enterprise perspective, some things are out of organizational control. We’ve already addressed the end-user perspective, but let’s explore what it looks like from an app development perspective.

 

Security is always a balance. In almost every case, you sacrifice flexibility and convenience for security. So, do you think app developers are going to take away convenience to secure their apps? Of course not. Convenience and productivity are the names of the game. Unfortunately, security is often left out of the conversation.

 

We can even extend this idea to mobile devices themselves. Do we use laptops, tablets and smartphones because they are more secure? Again, we don’t; we use them for their convenience. To adopt a security perspective means shifting the culture of risk management in an enterprise setting. It's no longer an option to ignore mobile device security. 

 

Leveraging Archon Mobile to Mitigate Security Risks

Modern problems require modern solutions. With Archon Mobile, end-users operate within specialized “personas” that are essentially disconnected from the underlying technology stack. What this does is allow for end-users to operate their devices just as they would regularly but without opening up vulnerabilities.

 

Our approach is fundamentally different from other security measures and enterprise policies. We wanted to tackle the security challenges in mobile devices head-on. Our system is built from the ground up to meet the most stringent commercial solutions for classified (CSfC) framework while still presenting an easy-to-use mobile experience for end-users. 

 

Our platform combines the best qualities of convenience without sacrificing security. To learn more, make sure to reach out today!

New call-to-action
Table Of Contents
Share this article

Contact Us.

Our team of experts has configured hundreds of solutions for organizations throughout the globe. Let us help you make security simple.
Contact Us