In our mission to unmask the reality of current mobile phone security practices in the workplace, we recently surveyed over 1,000 senior personnel of large businesses and multinational corporations across the globe. Sectors covered by the survey participants focused on those that require the need for ultra-secure and private communications – both regionally and worldwide – with clients, colleagues, and suppliers; namely legal, pharmaceutical, media and corporate affairs, government, and blockchain/AI-driven enterprises.
Mobile Phone Security Vulnerabilities Remain, Despite Increased Use of Secure Messaging Apps
The results of our survey were startling, exposing a major lack of awareness among both C-Suite professionals and their employers of the serious security and privacy threats that standard smartphones and popular ‘secure’ applications pose.
We were surprised to find that 70% of respondents admitted they did not know that popular apps, such as WhatsApp and Signal, are not immune to privacy invasion. Despite the vulnerabilities of these popular apps, 57% of those surveyed reported that they use these apps now more than they did the year before, with over 90% stating that they use such apps for everyday work-related communications.
The risk in using such apps lies in the fact that any third-party apps used on an Apple, Android or Google smartphone provide additional layers open for hackers to exploit, and it is significantly easier for them to identify these vulnerabilities in an application than in an operating system.
Your Mobile Phone Is Less Secure Than You May Think
The actual hardware and operating systems of popular smartphones are not immune to widespread attacks. For example, The Financial Times recently reported that Apple issued an emergency patch after a Pegasus spyware breach. The tech company warned that iPhones and iPads were open to being targeted by state-level clients of Israeli group, NSO.
“Apple has gotten much more aggressive in its tempo of hunting (for vulnerabilities)
and patching, and have also done remarkable work with Lockdown Mode,” said
John Scott-Railton, a senior researcher at the watchdog.
Unfortunately, Big Tech companies are trapped in a game of cat and mouse due to the structural flaws of the standard smartphone. They are continuously battling malicious actors, introducing patch after patch, and thus giving consumers a false sense of security that their phones are protected.
However, despite all of Apple, Android and Google’s best efforts, they are still relying on consumers to update their phones regularly in order to access the latest security patches, and they don’t have control over the security of the third-party apps that consumers use.
“One of the main cyber-risks is to think they don’t exist. The other is to try to treat
all potential risks.” — Stephane Nappo
Unaddressed Corporate Risk When It Comes to Employee Mobile Phones
Corporations are leaving the responsibility for data protection in the hands of employees all too often. In the recent WannaCry ransomware epidemic, “the human factor played a major role in making businesses worldwide vulnerable.” Interestingly, Kaspersky Lab and B2B International undertook a study into over 5,000 businesses around the globe, revealing that just over half (52%) believe they are at risk from within – with non-IT personnel being the weakest link.
When our own survey asked who our respondents use their corporate mobile phones to communicate with most frequently, the two most frequently quoted were colleagues and clients in other countries. Unsecured international communication risks unauthorized access to sensitive company data, including financial information, trade secrets, and customer data – alongside added threats of corporate espionage.
Despite these risks, 90% of respondents confirmed that they place more importance on safeguarding the security and privacy on their laptops than they do their mobile phones, even though 26% of respondents have had their phones hacked. This is very worrying, seeing as the smartphone has become a digital passport for hackers and can hold highly sensitive work-related data.
Most shockingly, our survey found that one in four companies with a mobile phone policy in place don’t advise on ‘security basics’, such as keeping a device’s password protected. As an example of why this is worrying, a study by Bitglass in December 2022 revealed that 68 percent of healthcare data breaches were due to the loss or theft of mobile devices or files.
And yet, only 7% of those we surveyed reported that their company’s mobile phone policy advises on remote wipe.
Remember – with the Sotera SecurePhone, we can remote wipe devices on request in the event of loss.
The Sotera SecurePhone Difference
Our findings highlight the urgent need for organizations to reevaluate their mobile phone security and privacy protocols and policies.
Only a multi-layered software and hardware security solution can successfully protect user data; and the Sotera SecurePhone is the first and only device that safeguards all three elements of security risk on a mobile phone: 1) the hardware, 2) the software, and 3) the applications, thus providing 100% secure communications where other smartphones don’t and can’t.
Sotera is the first and only to approach the mobile cybersecurity problem from the ground up, and with security sitting at the forefront of the device’s design and production.
Designed and built for professionals, we uniquely offer Government-trusted, enterprise-dependable, end-to-end mobile security. Voice and text between two Sotera SmartPhones cannot be intercepted and decrypted by a remote 3rd party.
Users of the Sotera SecurePhone connect with clients and colleagues on the same operating system that protects the US nuclear arsenal, military weapons systems, NASA/Department of Defense space systems, and commercial airliners – rated by the NSA as the most secure operating system available.
We believe that any mobile phone user who undertakes confidential, sensitive and mission-critical communications within the workplace deserves to do so with total peace of mind. The very fact that we provide the same level of protection as offered to the US nuclear arsenal and such provides the confidence you need in knowing which mobile phone device you’ll be in the safest pair of hands with.