Moving beyond simple content filtering
It seems clear that safety protocols, such as web filtering, protect employees from dangerous malware and phishing sites, as well as the company. In addition to that safeguard, it also minimizes non-productive behavior online by restricting employee internet usage which also places a strain on bandwidth consumption and limits the potential for increased risks of malware attacks on the network.
But how exactly does blocking streaming services achieve all that on company mobile devices, you ask?
With one proper data policy solution in place, two main challenges can be resolved quite easily and effectively!
(Stop being) such a drain
The first of the aforementioned challenges relate to mobile devices using corporate-owned data plans to provide internet access to employees so that they can stay productive from anywhere at any time. Specifically, the problem isn’t provisioning data access, but rather when users abuse this access by using up precious bandwidth for personal uses, like streaming services that require larger amounts of data than productivity documents.
Not only can this impact employee productivity for the person(s) doing the streaming, but where data plans are shared between groups of users, this behavior will also impact all other users on that same plan. This is due to the allotted bandwidth being used up by streamers, eventually draining the data pool and leaving anyone trying to get work accomplished without access to the internet.
Worse still, some service providers will block data access (or severely throttle speeds down to near dial-up levels) once bandwidth pools are drained. Others however merely switch to a more expensive “per-gigabyte” billing model for each bit and byte used after the initial allotment has been exhausted for the billing cycle. The result? Possible “bill shock”, which is a term referring to a substantially higher data plan bill than your organization typically pays for service due to the overages incurred.
To successfully sidestep this scenario, implementing a data cap on mobile device data plans provides succinct ways to resolve this dilemma without impacting the user experience:
- Cap the bandwidth available to users, per-device, means further preventing users from using more than their fair share of data.
- Manage data usage granularly ensures users are able to use the data provisioned for them and that it’s there when they need it.
- Institute caps to prevent overage charges (see bill shock) from altering the organization’s expected monthly expenses.
Digital sunblock from threats
The second challenge is not just one touched upon earlier, but also one mobile device users are, unfortunately, all too familiar with: malware and phishing threats. More specifically, the potential exposing of company resources to cyberattacks from malicious websites and apps.
Phishing remains the number threat to users across any platform, device type or OS for a reason. It’s easy to execute, requires minimal effort from bad actors and due to its ubiquity, can target millions of users per campaign globally to gain access to company credentials, sensitive data and privacy information, while providing a pathway to lateral movements within the company’s network — up to and including leading to data breaches.
Malware continues to rank highly within the modern threat landscape too. Though it requires more of a targeted effort than phishing, it still provides bad actors plenty of flexibility due to its scoping capabilities. By combining different threat types as part of the attack chain, attackers can leverage access through phishing campaigns to obtain user’s credentials while infecting their device with malware to establish persistence, ultimately permitting attackers to pivot the attack across the corporate network to exfiltrate data — and potentially worse.
To minimize the risk of threats stemming from phishing and malware, implementing URL filtering to restrict what websites mobile devices are able to access limits access the reach these malicious apps and services have to your organizational fleet:
- Implement policies that prevent access to sites that are created as a part of dangerous phishing attacks.
- Prevent Ransomware distributed through insecure and fraudulent websites, also block software downloads from unauthorized sources.
- Filter content to mitigate risk from users clicking on links in spam messages or on unknown websites by blocking access to known malicious links and risky websites.
Ensure employees remain productive without worrying about running out of bandwidth or malicious threats.
Learn how Jamf Data Policy puts an end to productivity blockers while enabling the security of your mobile device fleet.
Have market trends, Apple updates and Jamf news delivered directly to your inbox.