Device management is blinding the financial sector to its serious problems

Hank Schless, Senior Manager, Security Solutions at Lookout, explores why device management is blinding the financial sector to its serious problems

It is no surprise that the financial sector was the most targeted industry in 2020. The continuation of remote working for financial organisations combined with customers reliance on mobiles to manage their personal lives has created the perfect storm for cyberattacks Financial organisations need to embrace modern security technologies and strategies to stay secure, competitive and relevant on the devices that employees and customers use the most.

However, this is easier said than done, especially when organisations need to empower their remote workers while keeping their data secure. Over the course of the next weeks and months, employers will begin to ease their staff back to the office in phases. Some will continue to remain operating from home, but all will be accessing and handling sensitive financial information from various devices and networks, many of which are not managed by their employers. On the other side of the glass, consumers will continue to be reliant on mobile applications to bank and manage their finances.

Mobile device management (MDM)

When examining the security landscape of the financial industry in terms of mobile threats, Lookout discovered that there was a 50% increase in organisations adopting mobile device management (MDM).

There are positives in seeing the financial industry as a whole take steps to better their mobile endpoint security posture but there are limitations with what MDM can offer. For example, MDM can only push basic application and access management policies to the user’s device. Yet, the same financial threat report stated that mobile phishing attacks soared by 150%, with app threats increasing by five times compared to the previous year.

Mobile devices have become a prime target for hackers as more employees increasingly use their own devices to get work done, which has blurred the lines between work and personal usage. A successful attack to an employee’s mobile device can not only expose personal financial information from banking apps but also put sensitive work files and systems at risk.

Clearly, MDM is not adequate to protect users and their mobiles devices from common threats like mobile phishing and application risks. This is greatly concerning given that many financial institutions have workers that will be using mobile devices while working from home. With MDM, organisations have no control over the networks or sites accessed or applications or software downloaded to the device. Moreover, MDM technology does not have the ability to dynamically react to mobile cybersecurity threats and provide continuous visibility of device health and trust.

This is handicapping the financial sector and ultimately, exposing organisations to the real possibility of suffering a ransomware attack or serious data breach. If financial institutions want to avoid such a situation, implementing dedicated mobile security can ensure employees can stay productive from anywhere while your corporate data stays secure.

As the workforce continues to work remotely and progressively operate using mobile devices, safeguarding users and enterprise information from the risk of vulnerable apps and phishing attacks is a must.