GDPR is on the horizon, and it promises to clamp down on sloppy data security for more than just the businesses based in the EU. On May 25, 2018, the General Data Protection Regulation will go into effect with global impact, and the new standard for handling EU data subjects’ information comes at a time when data breaches are only increasing in frequency and severity.
Ransomware Running Rampant
In May and June 2017, two large scale ransomware attacks crippled enterprises around the globe. The attack in May affected the British National Health Service and other organizations in over 150 countries, while the attack in June affected 2,000 computers in a dozen European countries.
It’s worth noting that these are just the more widely publicized breaches in the last few months, and that mobile cyber security is being tested as well. This Kaspersky Lab Malware Report for Q1 of 2017 details the increases in global ransomware attacks and how mobile users in particular were affected with Trojans downloaded from various app installations.
What’s more concerning is this survey given to 307 risk managers, insurance brokers, and legal experts conducted by Advisen and Experian Data Breach Resolution. Only 32 percent of Risk Managers consider their companies very well prepared to deal with a cyber incident. In this global climate of cyber risk, it is as important as it has ever been to make sure you have an accurate and agile view of your data security measures, and a quick course for correction in the case of a breach. For those unsure of their security posture against GDPR, the regulation will correct weak spots with the highest penalties for non-compliance ever.
Ransomware is Just One Type of Threat
For many companies, BYOD presents a major challenge for endpoint security and soon, GDPR compliance. There is a gaping hole in the mobile security market for a solution that satisfies the need for a good app and workflow experience that still meets the requirements for regulations like GDPR.
The typical BYOD or CYOD user accessing enterprise applications on their smartphone or tablet is likely unaware of the many forms of cyber threat to corporate data and IP when these apps are not protected. This article from Kaspersky Lab outlines the top seven threats in addition to ransomware that such a user would probably miss, including data leakage, unsecured Wi-Fi, network spoofing, phishing attacks, spyware, broken cryptography, and improper session handling. True, many EMMs contend with these risks quite well, but at the expense of their mobile teams’ device-level functionality and productivity.
One alternative to the overly-restrictive and heavy solutions that enterprise-sized vendors offer is the Secure.Systems™ Workspace. Secure.Systems™ allows for unimpeded and totally secure collaboration between mobile employees and their enterprise ecosystem. The Workspace’s connection is protected through FIPS 140-2 certified, AES 256-bit encryption and offers a full suite of mobile-enabled productivity applications divided into four key workflows: secure enterprise communications, secure enterprise file management, secure internet/intranet, and secure location-based services.
Free Mobile Security Infrastructure Assessment
Are you concerned about GDPR and want to see how your mobile InfoSec infrastructure stacks up? Click here for a free mobile security infrastructure assessment to review:
- Your enterprise-to-mobile back-end infrastructure security, with grading
- Your OS vulnerability, with grading
- Your mobile application vulnerability, with grading
- Your device data (at-rest and in-transit) vulnerability, with grading
- Your overall score for enterprise mobility security.
For more information about Secure.Systems™, the product data sheet can be found here.