Disadvantages of Mobile Computing for Businesses

Chances are high that you’re probably reading this article from your mobile device. It isn’t surprising that mobile computing is fast becoming one of the used endpoints in the workplace.

While mobile computing has many benefits, there is a common misconception about the disadvantages of mobile computing for businesses. And that’s not true.

Mobile computing poses some unique disadvantages for businesses, especially regarding security management. For example, servers, network firewalls and switches, desktop workstations, HVAC units, and UPS devices leverage traditional in-house hardware that is easy to physically secure — either through video monitoring, restricted access, alarms, and other anti-theft and anti-intrusion devices and mechanisms.

According to a study by Pew Research Center, 85% of Americans own and use smartphones. With the ever-changing and increasingly fierce talent competition, businesses are now embracing work from home (WFH) practices as well as BYOD and COPE strategies to enable an efficient and on-the-go workforce.

Devices (ranging from laptops to desktops, tablets, and smartphones) can cause serious harm to businesses. Verizon’s 2015 Data Breach Investigations Report stated that there are tens of millions of mobile devices — which is further corroborated by Statista which claims that in 2022, the number of smartphone users in the world today is 6.648 billion, which translates to about 83.4% of the world’s population owning a mobile device.

As the number of mobile computing devices increases, so do the disadvantages of mobile computing. While many organizations have invested and still investing in mobile computing solutions like mobile device management (MDM) tools, that’s not to say that mobile computing doesn't pose serious threats to companies, ranging from lack of protection against threats such as malware and phishing to mobile-OS risks and other cybersecurity threats.

Dive in as this guide discusses the major disadvantages of mobile computing for businesses and highlights the prevalence of security and privacy problems and issues facing many organizations today.

Phishing

Ask any organization, and they'd tell you that phishing attacks are one of the biggest disadvantages of mobile computing. Many organizations invest in web gateways, proxies, and next-gen firewalls for security. Attackers find holes in those solutions, such as attacking via an employee's personal email and texts instead of corporate email.

In 2018, Amazon chairman Jeff Bezos had his mobile phone hacked after receiving a malicious video file in a WhatsApp message. A large amount of data was copied from his device.

Hackers can use social engineering to research users they would like to attack — looking for key attributes like the company where they work, job status, recent posts, and updates. This approach is sometimes called spear phishing. The information obtained reveals entry points for hackers to gain users' trust, usually through email or other social posts and messaging.

They aim to get the user to share sensitive company data and information. While technology plays an important role to help proactively secure devices and users, the danger of social engineering is that it relies on human error, allowing a bad actor to infiltrate through phishing sites and malicious applications.

Phishing sites are often URLs opened from a link. These malicious URLs often look similar to an authentic site to trick users into thinking they are on the legitimate site.

Phishing attackers use:

• Email, both corporate and personal.
• Text or a message from similar applications like Facebook Messenger, WhatsApp, and iMessage.
• Social platforms like LinkedIn, Facebook, Twitter, and Instagram.

Malicious Applications

One of the biggest disadvantages of mobile computing is malicious applications. Malicious apps are designed to collect personal and corporate information and transmit it to third parties.

Companies can invest in MDM as a first line of defense against malicious apps. A properly managed device greatly reduces the potential for potential harmful app (PHA) installation.

According to Google's Android Ecosystem Security Transparency Report, for devices that are properly configured with MDM policies such as blocking installation of unknown applications, PHA can drop to .004%. The same goes for iOS; leveraging proper MDM configurations and DLP policies can greatly reduce the chance for rogue applications to exploit the device and OS.

Organizations can supplement mobile device management with an MTD tool for more advanced protection in real-time. MTD software detects and combats malicious behavior from an app or a zero-day attack, wherein hackers exploit a vulnerability in legitimate software before the vendor can patch it. MTD tools quarantine or disconnect the device to minimize the attack's effects.

Additionally, companies should develop a mobile device security policy so that users understand the importance of device security and how to use a device that accesses corporate data.

These policies must account for all sorts of factors that users and IT admins could encounter during their workday. Include acceptable use policies, device ownership guidelines, mobile update strategy, extensions of existing security policies, and more. IT admins can enforce this policy through a combination of tools and platforms such as MTD, MDM, and enterprise mobility management (EMM), and soft management methods such as end-user training and documentation.

Application Vulnerabilities

Another disadvantage of the mobile computing device environment is the apps loaded on it. Each application can contain a vulnerability that is susceptible to exploitation. The apps on the mobile device can pose various disadvantages including:

• Incorrect permission settings that allow access to controlled functions such as the camera or GPS.
• Exposed internal communications protocols that pass messages internally within the device to itself or other applications.
• Potentially dangerous functionality that accesses the resources or the user’s personal information via internal program data calls or hard-coded instructions.
• Application collusion — where two or more applications pass information to each other to increase the capabilities of one or both applications.
• Obfuscation, where functionality or processing capabilities are hidden or obscured from the user.
• Excessive power consumption of applications running continuously in the background, draining the battery; thereby reducing system availability.
• Traditional software vulnerabilities such as insufficient editing of data entered, Structured Query Language (SQL) query exploitation, and poor programming practices.
• Privacy weaknesses in configuration settings that allow access to the application’s sensitive information (e.g., contacts, calendar information, user tasks, personal reminders, photographs, Bluetooth access).

Risky Device Configuration

Mobile devices are usually run with administrator rights and rarely use anti-malware protection, particularly in the case of consumer devices permitted for company use such as in a Bring Your Own Device (BYOD) arrangement.

Additionally, stored data may be unencrypted, particularly on external micro-SD cards, which can put information at risk even with controls such as password requirements or biometric readers.

Mobile device management solutions can help centralize and enforce security controls on these devices, but they are not without certain limitations and challenges. At the very least, it's recommended that organizations enforce strong passwords and storage encryption on mobile devices.

Malicious Wi-Fi networks

Wi-Fi networks, offered by malicious individuals, require the use of a portal that asks users to sign in with a Google or Facebook account which then provides them access to the user credentials involved. Since many employees employ the same passwords across multiple apps, this can result in a serious series of data breaches.

A particularly hazardous variation of this threat involves these malicious networks being set up next to financial institutions and asking users to sign in with their bank username/password to gain Internet access.

FAQs:

Q1. What are the major issues of mobile computing?

Mobile computing disadvantages exist in the device itself, the wireless connection, a user’s personal practices, the organization’s infrastructure, and wireless peripherals (e.g., printers, keyboard, mouse), which contain software, an OS, and a data storage device.

If not secured by encryption, wireless networks often pass sensitive information in the clear that can harm individuals and/or organizations. Unintentionally released sensitive data can not only affect the organization’s reputation and the lives of those affected, but it can also be the cause of legal action.

Q2. What are the advantages of mobile devices?

There’s no denying it. Mobile devices are pivotal in our daily lives. A staggering five billion people now own mobile devices around the world.

From scrolling through social media to taking pictures, listening to music, doing shopping, checking the news or weather, navigating somewhere new, bingeing movies on Netflix, setting alarms, tracking diets, updating calendars, sending and responding to emails, phoning loved ones, booking ourselves an Uber… the advantages of mobile devices is endless!

Q3. What are the disadvantages of mobile technology?

Disadvantages of mobile technology for businesses include:

• Costs: New technologies and devices are often costly to purchase and require ongoing maintenance and upkeep.
• Workplace distractions: As the range of technologies and devices increases, so does the potential for them to disrupt productivity and workflow in the business.
• Additional training needs: Employees may need instructions and training on how to use new technology.
• Increased IT security needs: Portable devices are vulnerable to security risks, especially if they contain sensitive or critical business data.

If your business is using mobile computing, you should take measures to ensure that your devices and the data they access, remain safe.