Malware in the Enterprise: Where Does it Come From?
When implementing a BYOD strategy one of the first things that comes to mind is the potential security risk to you corporate data. Malware has always been and always will be a concern in all aspects of a corporation but with the rise of mobility and especially BYOD, the risk becomes much more real. With corporate owned devices it’s much easier to control what apps your employees download by blacklisting and whitelisting certain apps. With BYOD you can still blacklist and whitelist apps, but you can’t tell you employees not to download social media apps or dating apps.
With this lack of control comes security threats and Malware. Malware comes in many different forms and some have familiar names like Trojan, Adware and Viruses, and others aren’t so familiar like, Rootkit, Worm and Packed.
It’s important that your employees know that there are different kinds of Malware and that they all do different things. There’s more out there than just Trojans. Rootkit will remotely access a device without being detected and the malicious party will be able to execute files and steal information. Worms will spread over the entire network causing harm to the host network.
So where does this malware come from? Although most Android devices are just as secure as iOS devices, malware will target mostly Android just because of the sheer number of users. According to a study by Pulse Secure, 97 percent of malware comes from Android applications and an overwhelming majority of that malware is Trojan.
The Pulse Secure study also states that 73 percent of malware encountered by corporate and consumer Android users continues to be malware designed to seek immediate profit for the developer.
The best way to avoid malware on BYOD devices is education. Educating your employees on how to properly care for their devices, especially with all of the sensitive data on them is the best way to avoid malware.
Most of the Android malware comes from unauthorized app stores. Having your Android user’s only download from the Google Play store monumentally decreases the risk of downloading malware. Only 0.1 percent of apps on the Google Play Store contain malware.
Updating apps is another way to avoid malware. Older versions of apps that are no longer supported by Google Play and are no longer maintained by the developer can contain malware. Keeping all of your apps up to date will also severely decrease the chances of contracting malware.
The most important thing you can do for your employees is educate them. Let them know how serious malware is when it’s connected to the company network. Offer them resources on how to scan their devices, decide what apps are safe and how to make smart choices about their apps.
Find out more about mobile malware buy reading the Pulse Secure 2015 Mobile Threat Report.