When you think of hack attacks, what image first springs to mind? Card cloning? Your emails getting interfered with? A teenage computer genius breaking into a corporate database to steal financial information? Anonymous shutting down the websites of groups they disagree with?
What if I told you that one of the most nefarious and growing routes for hackers is via the humble SMS?… And that, far from taking more expertise and technical skill to pull off, hacking in via text can actually be a much, much easier task for a data thief?
If your firm has a BYOD policy (or even if you have a “work” smartphone), this might sound like very bad news indeed. And certainly, if you don’t have the tools in place to manage the problem, it really is bad news.
Remember the Stagefright bug last year? This was a particularly nasty vulnerability that allowed hackers to break into Android phones and steal device data via an infected text carrying a particular code.
Imagine if you were using your Android smartphone for work purposes and had accessed, sent or downloaded sensitive client data at that time. Imagine how disastrous it would be if the data leak was traced back to your phone.
Given the scale of the risk, it’s worrying that many companies who specialize in mobility management, even enterprise mobility management, haven’t figured out an effective way to stave off SMS-based attacks. And that’s opening their clients up to risk.
In a world that’s fast moving towards BYOD solutions, security issues like this are one of the primary problems for enterprise mobility management. In order to meet the security demands of fast-modernising and dynamic law firms, we need a more holistic approach.
Specifically, what these enterprise mobility management (EMM) providers need is enterprise grade security and encryption. Systems that are based around solutions like Citrix XenMobile – which, as a key study by Gartner recently pointed out, is a world leader in the area of secure mobility.
So what exactly does something like Citrix XenMobile do differently?
We don’t want to bore you to sleep with geeky technical details, but Citrix is a firm adherent to industry best practices, which means they’re always being proactive about internal and external penetration tests on its XenMobile EMM solutions.
And when it comes to SMS security, it’s a serious innovator.
Recently, the rolled out a new certificate pinning feature designed to prevent against Man In the Middle (MITM) attacks.
This works by pinning the client side software with a public key and then rejecting any server connection requests that try to use a different public key – preventing hackers from slipping in unnoticed.
Whether or not you choose to opt for an EMM that uses Citrix Xenmobile, the important thing is to ensure that your cloud provider understand the importance of SMS security in safeguarding your client data, and how your BYOD policy could create problems with enterprise mobility management. No one wants to destroy their law firm over a simple text – don’t leave it up to chance.
Want to hear more about what a secure file sync and sharing service can mean for you and your team? Click here to get in touch.