If so, you're at risk." subhead="By Kevin De Snayer" text_orientation="center" background_overlay_color="rgba(0,0,0,0.3)" _builder_version="4.3.2" background_enable_color="off" custom_padding="100px||||false|false" hover_enabled="0"][/et_pb_fullwidth_header][/et_pb_section][et_pb_section fb_built="1" _builder_version="3.22"][et_pb_row _builder_version="3.25" background_size="initial" background_position="top_left" background_repeat="repeat"][et_pb_column type="4_4" _builder_version="3.25" custom_padding="|||" custom_padding__hover="|||"][et_pb_text _builder_version="4.3.2" hover_enabled="0" z_index_tablet="500" text_text_shadow_horizontal_length_tablet="0px" text_text_shadow_vertical_length_tablet="0px" text_text_shadow_blur_strength_tablet="1px" link_text_shadow_horizontal_length_tablet="0px" link_text_shadow_vertical_length_tablet="0px" link_text_shadow_blur_strength_tablet="1px" ul_text_shadow_horizontal_length_tablet="0px" ul_text_shadow_vertical_length_tablet="0px" ul_text_shadow_blur_strength_tablet="1px" ol_text_shadow_horizontal_length_tablet="0px" ol_text_shadow_vertical_length_tablet="0px" ol_text_shadow_blur_strength_tablet="1px" quote_text_shadow_horizontal_length_tablet="0px" quote_text_shadow_vertical_length_tablet="0px" quote_text_shadow_blur_strength_tablet="1px" header_text_shadow_horizontal_length_tablet="0px" header_text_shadow_vertical_length_tablet="0px" header_text_shadow_blur_strength_tablet="1px" header_2_text_shadow_horizontal_length_tablet="0px" header_2_text_shadow_vertical_length_tablet="0px" header_2_text_shadow_blur_strength_tablet="1px" header_3_text_shadow_horizontal_length_tablet="0px" header_3_text_shadow_vertical_length_tablet="0px" header_3_text_shadow_blur_strength_tablet="1px" header_4_text_shadow_horizontal_length_tablet="0px" header_4_text_shadow_vertical_length_tablet="0px" header_4_text_shadow_blur_strength_tablet="1px" header_5_text_shadow_horizontal_length_tablet="0px" header_5_text_shadow_vertical_length_tablet="0px" header_5_text_shadow_blur_strength_tablet="1px" header_6_text_shadow_horizontal_length_tablet="0px" header_6_text_shadow_vertical_length_tablet="0px" header_6_text_shadow_blur_strength_tablet="1px" box_shadow_horizontal_tablet="0px" box_shadow_vertical_tablet="0px" box_shadow_blur_tablet="40px" box_shadow_spread_tablet="0px"]
Let's see if I can guess your daily habits. You wake up, probably to an alarm from your mobile device, you roll over and check your email, schedule, and see what the day has in store. From there, you get ready for your day, starting off the morning with some light surfing of social media and news sites, order a coffee on the way to the office—potentially from a mobile app, and the day begins. Sound about right?
It's okay if this sounds familiar. This is almost everyone's daily routine—including mine. And the one common thread that ties this together, regardless of preferred apps, social sites, and so on, is the fact that your mobile device is at the epicenter of it all.
So, what's the issue? After all, with more than 2.9 billion mobile devices worldwide, representing a total of 5 million apps available for download between the Apple app store and Google Play store, what could possible go wrong? Do you really want the answer?
Before we get into the real nitty gritty of mobile cyber security issues, let's first talk about the nature of information on the device itself, and how it can pose a very real and imminent threat to data security.
Long before information leaves your phone, many private data files can be easily accessed by other people who may have access to your device, or through specific apps that may be granted access (or through special circumstances may natively have access to passwords for purchases, etc.), all these pose a threat. In fact, some apps can even access other apps—you see where this is going?
So now let's discuss the connectivity issue. If people and apps can access information that in turn can be sent to … well ... somewhere. This brings about an entirely new set of challenges. And to be clear, none of this is yet to be determined as nefarious. Apps are just apps, but they rely on data to perform their intended functions. It's where the data goes that is the issue.
The first weak point in the chain is the server, as any information shared between the app and the host has to go through one. The best defense for server side vulnerabilities is to implement a simple scanning technology to ensure nothing is being shared that shouldn't be shared.
Now, to get slightly technical for a moment, and I promise only for a moment, there is the issue of something called Insufficient Transport Layer Protection. In a nutshell, this is the route that data takes when leaving the device and traveling to the server itself and back again. If the transport layer is insufficiently secured, hackers can intercept the data. One of many ways to prevent this is to simply require a more robust SSL chain verification.
Okay, so now back to the not so technical, but equally important. Mobile device types such as iPhone and Android are always connected to the cloud—and the cloud is not some magical place that’s hosting your data, it’s just someone else's computer. This connection means that the apps residing on those device types are in constant contact with each other and the outside world.
The biggest issue here is that app developers may not implement the best security protocols, meaning that your apps could be making security decisions on your behalf as to what to share and what not to share—unfortunately, sharing information that you wouldn't on your worst day authorize. This can put you at risk. In these cases, it may be difficult to know what is being shared. This is where mobile device management together with mobile security can greatly help mitigate risk.
In all, I don't mean to scare anyone—perhaps just a little if only for education and safety. Mobile devices remain a major security risk for companies of all sizes. The best defense, find a cyber security partner who knows how to lock these and many more issue down to ensure data remains safe, and people's lives are not affected.
And if you're interested, we are just a call away—that is if you dare use your mobile device to call us in the first place ... maybe email would be better? Oh wait ...[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]
décembre 9, 2022
Calian IT and Cyber Solutions once again listed on the Houston Business Journal’s 2022 Largest Houston-area Cybersecurity Companies List
Calian IT and Cyber Solutions (ITCS), a leading provider of IT and cybersecurity services for enterprises across the United States for the last 40 years, was again listed on the Houston Business Journal’s 2022 Largest Houston-area Cybersecurity Companies List - a fourth...
novembre 30, 2022
Calian Receives Cisco Regional Partner of the Year Award: TAO at Cisco Partner Summit 2022
At Cisco Partner Summit 2022, Calian was honored with the Cisco Regional Partner of the Year Award for its innovation, leadership and best practice as a Cisco business partner across Texas, Arkansas and Oklahoma.
novembre 3, 2022
In Case of Emergency… Have a Plan
When an emergency occurs, it’s too late to plan or rehearse the response. Fires, floods and other disasters don’t pause while you get ready to address them. Policies, plans and procedures for response must be in place long before they are needed.