and agent device attacks
For years now, Insurance corporations have started deploying apps to their agents, field service teams to capture personal customer data needed for quotes, claims, expertises, photos.
Providing agents and field services with efficient mobile Android and iOS native apps has become a competitive advantage for insurers, in order to improve customer responsiveness and quality of service. But the counterpart is that your agents and employees carry very sensitive data on their devices.
This has also greatly increased company exposure to cyberattacks from hackers and malware.
As mobile technology is getting more and more to the forefront of IT systems, Insurance companies have to deal not only with network and laptop security to protect sensitive data, but must proactively address the risks posed by mobile threats, as they will remain liable for data breaches on insured customers no matter the entry point, on their premises or in the wild.
What has your Insurance company done about mobile threat defense?
Mobile Mobile threats are not only increasing, they are getting unnoticed because of the absence of surveillance. According to 2018 Gartner survey, 60% believe mobile malware incidences are underreported, against only 16% for desktop.
How to get be protected without downgrading quality of service?
All data managed by sales agents or field services on their mobile device are of potential value to cybercriminals. Insurers are already aware of the existing cyber-risks fact, as they are offering cyber-insurance to their customers to protect them against possible damages and liabilities when their data are being stolen.
It is difficult for IT maintain on mobile devices the same level of surveillance once imposed on corporate-issued desktop or laptops, and it might even be legally impossible when employees are using their own devices (BYOD).
Employees and customer using mobile insurance apps and webapps might log onto untrusted Wi-Fi networks for internet access. Rogue networks might appear as known legitimate networks, so that users can be deceived and think they are actually connecting to a safe network. These malicious networks give the attackers the ability to perform man-in-the-middle (MITM) and other traffic listening or content/app pushing attacks, and might even gain full root control of a device.
Protecting employee devices and data
Samoby Mobile Threat defense offers an easy to install solution that will immediately begin to protect iOS and Android devices against today’s and future threats: rogue networks and apps, network attacks, phishing attempts, or possible web attacks. Moreover, Samoby is able to perform local mitigation actions, by blocking apps or network connections, and providing immediate notification and information to employees and IT staff.
Compliance and mitigation
Rules can be defined to automatically react when a potential threat is detected. All devices can be verified for defined threshold requirements for use, such as: OS authenticity, minimum OS version & patches, storage encryption, disabled debug or developer mode settings, and app wrapping.
App and device threats
Mobile apps can be an attack vector in several ways: On the one hand, an attacker can try to gain access to a device using a legitimate app vulnerability. Your own insurance app can be the target of this kind of attack. On the other hand, the attacker can create its own malicious app, making it look like a legitimate app, and using social engineering or other techniques, have their victims install the app in order to spy on them and compromise mobile devices.
As many insurance apps interact directly with the device’s hardware and OS like camera and geolocation, they are a natural target for cyber-criminals.
On-device detection and prevention
Protecting against zero-day threats requires more than the ability to identify known malware. Samoby tracks locally all mobile device internet connections in order to detect rogue traffic to sensitive or unusual destination, at unusual timeframes or of unusual volumes.