By Joe Breaux
From fraudulent text messages and emails targeted at employees to lost or stolen mobile devices, more organizations are suffering from debilitating hacks and security breaches than ever before. But commercial contractors that manage the use of mobile devices as part of workplace safety programs may be uniquely positioned to enhance their defenses against attackers.
AN INCREASING THREAT
The repercussions of a major data breach or cybertheft can destroy brands, customer relationships, and even entire businesses. More than half of cyberattacks strike small-to-midsize businesses, according to researcher Cybersecurity Ventures, and 60% of those attacked go out of business within 6 months of a hack or data breach.
Commercial contractors may be at particular risk to criminals who access data and networks through lost or stolen smartphones, tablets, or laptop computers at busy jobsites, in unattended vehicles, or even from office headquarters. In fact, mobile devices are a dominant source of cyber risk. A report by security solutions provider RSA Security found that more than 70% of fraudulent transactions originated in the mobile channel. And, while it’s clear that lost or stolen mobile devices result in a financial loss for both the user and the organization, the damage can be catastrophic when sensitive data is exposed.
Contractors deal in sensitive information daily. It is imperative that they deploy firewalls and cybersecurity software to protect their business operating software, customer account information, bid calculations, schematics, and other vital data. Unfortunately, a dedicated security solution alone, while essential, may not provide sufficient protection. In fact, three of the 10 largest data breaches in the first half of 2021 occurred at technology companies with what had seemed to be impregnable safeguards in place.
Many enterprises have begun implementing adaptive device management tools in addition to standard security safeguards to protect vulnerable data and customer information. Commercial contractors that use a contextual mobility management (CMM) system have the means to introduce an additional layer of security over their data.
In recent years, progressive contractor firms have come to embrace the enhanced productivity and fluidity of the mobile worker. Mobile technology has accelerated communications and the dispatching of crews, helped transform paper blueprints into data-rich digital designs, and given supervisors and workers in the field access to all the data and software that was once only available at a desktop back in the office. However, with the benefits of workplace mobility comes heightened risks.
A solution? Contractors benefiting from the advanced functionality of mobile-capable workers have had to refine their mobile device policies and augment existing security measures to protect against hacks and data breaches resulting from lost or stolen mobile devices. Many are accomplishing this with CMM technology that considers where the device is, who is using it, how it’s being used and what’s happening around the user at the time—the context.
Having a solution that immediately triggers safety protocols, such as allowing or prohibiting access to sensitive data, upon a change in context, without the need for IT intervention, provides a stronger barrier. Passwords can be hacked. There can be precious time delays between noticing when a device is missing and when IT can put the device in lost mode or even wipe it. As a worker’s environment changes through the course of their day and activities, so do their device permissions—automatically and in real time. CMM can handle it as soon as the context changes.
It’s important to note that CMM doesn’t replace a dedicated security solution but enhances it in the same way it enhances an Enterprise Mobility Management (EMM) solution. Two approaches that make this work are fixed perimeter and dynamic adaptation.
Fixed perimeter security is best suited to businesses with employees that gather at the same place every shift, such as a factory or hospital. If a team member who normally leaves their tablet at work inadvertently takes it with them when they leave, the contextual mobile management solution can automatically detect that the device has exited the secure workplace perimeter and lock its functions until it is returned to the premises. If the device is lost or stolen, the same automatic locking response occurs in real time, and functionality is immediately restored if the device is recovered and returned.
Dynamic adaptation works for businesses with employees in the field, which is often the case for contractors. This CMM arrangement manages functionality when an individual’s movements and locations fluctuate. A construction safety officer may be able to access company systems and data from their mobile device while at a jobsite or at the office, for example, but when they leave the designated areas—or if their device is misplaced or even stolen—the CMM tool will remove the device’s access to work-related apps and databases.
Whether as a fixed perimeter or dynamic adaptation, contextual management is an added layer that supplements traditional security measures and tools, giving each user access to only what they need to get the job done and nothing they don’t. Their permissions change along with their situation, such as when they are around certain equipment or leave the jobsite.
The security side of that coin is that access to sensitive data or applications can adjust based on the user’s whereabouts, without expecting IT or the employee to decide what device usage is safe and appropriate. Those functions and information are also inaccessible to anyone who finds or steals the device, because lockdown occurs the moment the device moves outside the place or time designated for its use, regardless of whether its absence has been noticed or reported.
Effective cybersecurity requires a multifaceted approach that includes regularly updated software and employee training. But by including a contextual mobile management solution in security processes, companies can drastically reduce opportunities for data breaches and social engineering attacks on their employees.
About the Author:
Joe Breaux is CTO of TRUCE Software, which offers the only mobile management platform to provide flexible, contextual enforcement of your mobile device policy, allowing companies to enable or temporarily suspend mobile apps based on the work being performed, the work location or even the user or work group. Their patented technology operates on both iOS and Android platforms, supporting more than 140,000 subscribers and some of the largest brands worldwide. For more, visit trucesoftware.com.
Modern Contractor Solutions, December 2021
Did you enjoy this article?
Subscribe to the FREE Digital Edition of Modern Contractor Solutions magazine.