Light Dark
November 25, 2015 By Douglas Bonderud 3 min read
Endpoint

The holiday season is coming, and with it the promise of new mobile devices purchased at steep discounts during Black Friday sales or wrapped and waiting under evergreen trees. While those on the receiving end of these practical and playful presents will be all smiles as they open their new technology, enterprises may not be so merry — what happens these devices hit corporate networks come January? Here’s how to handle the holiday rush.

Trickle Down

When it comes to managing their mobile device network over the holidays, the biggest challenge enterprises face is the influx of new devices. It’s no surprise; users are eager to give or get the latest, greatest smartphones, and many companies plan product launches for late September and mid-October to help capture the attention of tech enthusiasts during the holidays. According to Tech Times, in fact, more than 50 percent of all shopping this holiday season will take place on mobile devices, even among those looking to replace the smartphones or tablets they currently own.

It’s worth noting, however, that companies also face challenges from used smartphones — devices handed down to other family members after the gift-giving season is over. Consider the example of a parent and teenage child. The child receives a brand new phone for the holidays and, not wanting to waste perfectly serviceable technology, the parent keeps the old device and begins using it to access corporate networks and cloud systems. Even though new mobile technology drives the lion’s share of holiday shopping, older devices are often a serious headache for IT admins.

Merry Riskmas?

Bring-your-own-device (BYOD) naysayers frequently lament the risks associated with mobile devices but are often short on specifics. The holiday rush, however, creates a number of serious concerns. First is the use of older models that may contain software or firmware vulnerabilities that have been largely corrected in more recent iterations. Employees new to these devices typically focus on accessing the corporate network and syncing various email accounts but may ignore the need to fully patch and update their OS. Worst case? The operating system is so far out of data that defense isn’t an option. Instead, device access must be limited to protect corporate resources.

Next are new devices. As noted by Computing, the sheer number of devices introduced to the workplace ecosystem after the holidays makes it hard for IT teams to keep up. What’s more, attackers are well aware that corporate defenses will be weaker than usual during this period and may increase the frequency of their attacks.

There’s also the problem of poor security hygiene on the part of employees. Enamored with new mobile devices and either looking forward to time off or lamenting the end of their vacation, they may relapse when it comes to mobile security. According to The Huffington Post, for example, there’s real risk from using public Wi-Fi, opening holiday spam or spending time at work shopping online. Cybercriminals are looking for the opportunity to slip past defenses, hoping to find a skeleton crew at the helm.

Handling Holiday Mobile Devices

So how do companies make sure they’re ready for the holiday rush? To start, it’s critical to prepare for a multi-OS environment. This is especially true after the holidays when both the types and versions of systems used on the corporate network significantly expands. Companies must be ready to monitor and manage regular updates in addition to limiting the use of devices that don’t adhere to mobile management guidelines.

It’s also worth running a refresher course on mobile security to make sure all employees are on the same page. Ideally, this is done face to face and with clear messaging. For example, workers should be warned against conducting holiday shopping at work or opening holiday-themed email attachments in addition to being reminded that both devices and workstations should never be left unattended, even in the office. While this runs the risk of casting IT as the office Grinch, it’s better to have one internal bad guy than a host of malicious actors beating down the virtual door.

It’s also a good idea to revisit basic BYOD policy and ensure that new devices aren’t getting missed. Best bet? Set up a mobile access policy long before the holidays arrive that requires users to bring their devices directly to IT for inspection and the addition of network monitoring software. Expect some pushback, but make it clear that this is an expectation, not a request. IT can do its part by ensuring it is supporting employee requests for cloud-based apps where possible — but only after the device has been secured.

By integrating this type of permission-based method before the holidays and their related technology influx, it’s possible to eliminate the bulk of employee resistance. By the time their new devices are in hand and ready for activation, they’re already on their way to see company IT for evaluation and access.

For many companies, the influx of new mobile technology during the holidays is a gift they don’t want — it results in an IT time sink, a larger attack surface and the increased risk of employees passing over cybersecurity objectives in favor of shiny new devices. Get a handle on the holiday hoopla with a proactive approach to mobile security.

To learn more read the complete e-guide: Curing the Cause of Common Mobilephobia

 |  |  |  | 
Douglas Bonderud
Freelance Writer

More from Endpoint
October 30, 2023

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

October 19, 2023

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature