How you can use UEM tools to protect your employees from cyber hackers

March 26, 2020
Cyber criminals are using juice jacking efforts and Wi-Fi hotspot honeypot attacks to steal sensitive data

The next time you're traveling, think twice before you charge your phone at a public charging station, and be sure to avoid using open Wi-Fi networks.

As wireless keyloggers and microcontrollers have gotten increasingly smaller, bad actors are now equipped with new ways to access our personal data. According to recent alerts from the FCC and Los Angeles County District Attorney's Office, consumers need to be cognizant of "juice jacking" attacks, which occur when hackers surreptitiously place malware or keyloggers inside public USB chargers in order to compromise devices. Other dangerous and far more common attacks are Wi-Fi hotspot honeypot attacks, whereby a malicious actor creates an illegitimate Wi-Fi access point posing as an authorized hotspot and then steals your data via a man-in-the-middle attack.

Through both juice jacking efforts and Wi-Fi hotspot honeypot attacks, cybercriminals attempt to steal our sensitive data to sell on the dark web or use in social engineering initiatives. In the always-connected world we live in, this gets especially worrisome as people often use the same device for both business and personal uses, increasing the risk of attacks due to negligent behavior. However, there are some countermeasures you can take to ensure you stay safe from these bad actors. 

In addition to the obvious remedies—avoiding public charging stations and open Wi-Fi hotspots—travelers can protect themselves with effective unified endpoint management (UEM) tools. 

Although a UEM tool may not directly stop a hacker from infiltrating your device, it can keep your sensitive corporate data from being compromised.

Containerization and Encryption

Through containerization, system administrators can segregate all employees' personal applications from their corporate applications; this way, admins can manage all of the corporate data without exerting control over employees' personal apps. With containerization in place, hackers will be unable to access sensitive corporate data even if they are able to breach your device.

Additionally, an effective mobile device management tool should come equipped with full disk encryption, ensuring that important data are scrambled and only readable after a user has provided a decryption key. With encryption, you can be sure that your information is safe. 

Geofencing 

Another way to protect against Wi-Fi hotspot honeypot and juice jacking attacks is to create a location-based service that prevents employees from using their devices outside of a certain area. 

After a desired geofencing perimeter is established, your system administrator will receive a notification via email any time an employee goes outside of the virtual boundary. Theoretically, this could prevent employees from accessing important corporate information outside of the office or designated safe area, which of course would make things more difficult for hackers trying to access such data outside of the virtual fence. 

Blocking Installation of Unapproved Apps

If your UEM tool only allows applications to be downloaded from approved sources, you can rest assured that a cybercriminal will not be able to transfer a malware-infected application into your device. An effective UEM solution will block the installation of any application that comes from an unapproved source.

Additionally, UEM tools can send alerts to your IT administrator anytime a new application is installed, or if there has been an update to an existing application.

 Detecting Rooted Devices

Given that rooted devices are more prone to malware attacks, it is important to have a UEM tool in place that can detect if there are rooted devices in the network and then remove them. 

Of course, if your device does fall victim to a juice jacking attack or a Wi-Fi hotspot honeypot breach, your IT admin can always make the hackers' lives a bit more difficult by remotely wipe the content on the compromised device. 

Stay Proactive

Although UEM tools cannot completely prevent juice jacking or Wi-Fi hotspot honeypot attacks, they can definitely mitigate the level of damage in the event of a successful breach. By employing encryption and containerization, your IT admin can ensure that hackers cannot access sensitive data even if a corporate device has been compromised. Additionally, further layers of protection can easily be put into place through geofencing and the detection of rooted devices. 

Additionally, should a cybercriminal attempt to infiltrate a device by placing malware inside an application, an effective UEM tool will prevent the installation of this application unless it comes from an approved source. 

To be sure, if you're using a UEM tool, malicious attacks that involve hiding malware inside applications will rarely be successful. Even a mere unauthorized update to an existing application will send an alert back to your IT administrator, ensuring that the most sensitive data on a breached device will remain inaccessible to the criminals.

 About the Author:

Ananth Vaidyanathan is a product manager at ManageEngine, a division of Zoho Corp. His 18 years of IT experience include positions in customer support, technical content development, and most recently, product management where he currently plays a key role in developing strategies used to create product awareness among IT decision-makers of different verticals.