Protecting organizations’ most vulnerable endpoint

When organizations’ employees use their private smartphones to access their organization’s IT network and email accounts, cyber criminals can take advantage of this vulnerability and infiltrate the organization’s systems. ASPIS provides the solution to mitigate this threat.

Although awareness to the importance of cyber security is quite high nowadays, and organizations invest heavily in order to protect themselves from cyber threats, there still exists a major and significant cyber security weak link which, in large, is still not properly addressed.

We are referring to employees’ and managers’ smartphones – private iOS and Android, which are extensively used by them to access the organizations’ IT networks and mail servers, and are extremely vulnerable to both hacking and tapping.

Just recently, Gil Shwed, founder of Check Point, said in an interview to the “7 Days” magazine, that “We are witnessing a huge increase in the number of attacks on smartphones. The technology to protect against such attack is available, but, in many cases, organizations do not implement it. It is like saying: I bought the safest car in the world, but I never buckle up.”

Recognizing the threat to organizations which stems from this vulnerability, ASPIS developed a comprehensive solution, which is already operational and is used by numerous commercial and security organizations worldwide.

“Nearly 75% of the endpoint connections in all organizations are Smartphones, according to a Gartner Research,” says Shimon Zigdon, CEO of ASPIS. “Employees use smartphones to access the organizations’ systems, such as email and files, as well as for their personal communication and applications, including WhatsApp, Facebook, Instagram and others.”

Organizations nowadays attempt to maximize communication and data security by using VPNs to create a partition between employees’ private and corporate applications. Unfortunately, VPN has its own vulnerability, as the hackers can target the employee’s mobile device, which is usually unsecured, and use it to infiltrate the organization’s email system, and from there they can quite easily breach the entire IT system.

“Once the hacker succeeds in accessing the organization’s email server, he can, for example, send phishing links via email to the organization’s employees, run malicious software inside the network, impersonate an actual employee to steal information, and launch a DoS attack”, says Shimon Zigdon.“ Such a cyber attack, which can be carried out using a simple BYOD smartphone, can covertly cause a great deal of damage to the organization. This kind of threat carries a huge potential risk because by using an employee’s smartphone to breach the network, the hacker can pose as an actual employee, and gain access with privileged credentials. This enables him to put his hand on the organization’s most sensitive data.”

The solution ASPIS provides for such cyber threats is a proven app, available for both Android and IOS devices that integrates two different protection systems: ShieldiT, an app and system solution that provides protection against both tapping and hacking. ShieldiT’s anti-tapping technology prevents eavesdropping on employees’ conversations and messaging, and its anti-hacking technology detects and prevents installation of malware on the device.

To complement ShieldiT, ASPIS also developed ManageiT, which enables CISOs to manage all the endpoints, supervise the threats facing the company, prepare the organization for possible attacks and locate vulnerable points. Both the app and the system solution fully integrate with the organization’s voice and data networks.”

While some employees may oppose the installation of a security application on their smartphones, it is important to emphasize that such an application also secures their own privacy and essential information, such as bank account details, private photos and all the data stored on the device. It’s important for all of us to remember that any hacker can, for example, fairly easily access any person’s WhatsApp app, impersonate the actual user, send intimate pictures, as well as use malicious apps to steal bank account’s credentials and much more.

“Securing the smartphone endpoint against both hacking and tapping, secures not only the organization’s IT and voice systems but also protects the employees private data,” summarizes Zigdon.

For additional information and to get a demo:

The original article and photograph were published (in Hebrew) by Israel’s leading financial and business newspaper and website – Calcalist: