MobileIron e il Back to School
By Riccardo Canetta, Country Manager of MobileIron Italia
21 September 2020
Why risk putting company data at risk when employees share devices with their children?
The new school year is starting. Between uncertainties and a little anxiety, children and young people are returning to school.
Obviously we all hope that everything goes well but, in the event that we unfortunately have to return to distance learning (DAD), it would be better not to be found unprepared and vulnerable.
In fact, during the COVID-19 emergency, students often used their parents' devices to do homework and keep up with school programs, and this may have inadvertently put company networks, infrastructures and information at risk.
“If we were to return to DAD, some children will use their own devices (perhaps obsolete), but that device may not be able to connect correctly to a virtual classroom – underlines Riccardo Canetta, Country Manager of MobileIron Italia – so most of them will use their parents' devices for lessons via Zoom or Webex and communicating with friends. The parent will likely impulsively hand over their Android device, iPad, Mac OS laptop, Windows 10 laptop, etc. so that the child can participate in the lesson on time, without thinking about what applications are open at that moment or what corporate resources the device has access to.”
Worryingly, managers aren't giving much thought to the corporate security impacts of parents sharing their corporate devices with their children, but the risk that a student could accidentally leak corporate data or otherwise cause harm is real.
Think about how easy it is to download an application. During school, children will be encouraged to download applications both by their teachers and their friends, which they will do very quickly. They will click and answer “yes” to the questions. While apps recommended by teachers will likely be educational and safe, apps recommended by friends may be questionable in nature. For example, TikTok is a very popular video sharing app that is also known to have many security vulnerabilities. Downloading TikTok on your device may not only violate company policy, but could lead to company data leaks. And this is just one example.
'Now let's take a moment to consider how the COVID-19 pandemic has changed the online threat landscape – continues MobileIron's Canetta – and enabled an increase in cybersecurity attacks on mobile devices. In the United States, in April, Google has recorded more than 18 million malware attacks every day and countless email on phishing related to COVID-19 in just one week. The FBI has also seen an increase in phishing attacks and urged users to check information before taking any action, especially when using a mobile or handheld device.”
Unfortunately, during the era of online learning, scammers and hackers will continue to exploit virtual security gaps using increasingly creative methods, and students are at high risk of falling victim to their attacks. An example? A hacker could easily send an email, text, or instant message that appears to be from a teacher, but instead includes a malicious link that leads to a fake web page that tricks a student into entering login credentials or downloading a malicious app onto a parent's work device.
Parents themselves are also at risk of falling victim to cyber attacks and accidentally putting company data at risk. For example, if you need greater bandwidth you can decide to use a public hot spot or a local network (such as a bar or library) to work. That is an unknown network, it can be insecure and you don't know who is browsing at the same time. Will the connected information and devices then be vulnerable? Furthermore, are we sure that a website that requires a username and password to log in is legitimate?
"The good news is that MobileIron can help in these situations – emphasizes MobileIron's Canetta – First, our unified endpoint management (UEM) solution ensures that a device is known and trusted and has the appropriate applications and software before granting access to an enterprise network or cloud. MobileIron UEM can evaluate whether you are using the correct version of an application from a known, trusted source or a rogue application and grant or block access accordingly."
MobileIron Threat Defense (MTD) provides an additional layer of security by detecting app, network, and device threats. MTD offers on-device and cloud phishing URL database searching to detect and remediate phishing attacks that can arrive through emails, text and SMS messages, instant messages, social media and more. So even if you receive a phishing message outside of your work email, MTD can detect and remediate that attack if the message is viewed on a device managed by MobileIron UEM.
Last but not least, MobileIron's Zero Sign-On (ZSO) technology leverages biometrics, such as facial recognition, to confirm a user's identity. With more employees working remotely and accessing company data via mobile devices, it's easier and more secure to leverage mobile devices over passwords to authenticate users.
“Our solutions – concludes Riccardo Canetta of MobileIron – can provide secure and seamless experiences on family-shared mobile devices in this new era of virtual learning and remote working.”
For more information www.mobileiron.com/it




