‘Fat fingers’ refers to the mistakes we make by accidentally pressing the wrong buttons on mobile devices. Although to be fair to our digits – it’s much more to do with the size of the screens and the tiny keyboards they’re touching.
The problem for businesses is that innocent fat-fingered mistakes can lead to serious data breaches when sensitive information is involved. Stopping people from using mobile devices simply isn’t an option though. And as organizations, we shouldn’t need to stop people working from mobile devices. More flexibility and boosted productivity is to be encouraged.
Instead, organizations need to understand the added risks of sharing data from mobile devices and implement the right technology to mitigate those risks.
A mobile workforce
There are more endpoints than ever accessing corporate data. The explosion of remote working due to the pandemic has only increased the amount of people working away from traditional desktop set ups. And with data showing that 67% of professionals expect to work remotely work after pandemic restrictions lift – it looks like it’s here to stay.
Modern employees expect the quick and easy access to data that mobile devices offer. However, that means many work from unsecured personal BYOD (bring your own devices) that could have shadow IT not approved by the company installed. Even if businesses supply people with company approved mobile devices, they still might be using them via unsecured networks.
The genie is well and truly out of the bottle when it comes to mobile endpoints – we’re never going back to a world where every employee works from a desktop within the traditional secure perimeter of the office.
Why do we make more mistakes on mobiles?
As anyone can attest, it’s simply much easier to make a mistake on a phone or tablet than using a mouse and keyboard at a full desktop set up. We’re more likely to press multiple buttons at once on a smaller screen or slip up and select the icon or confirmation we didn’t mean to.
Autocorrect is also much more likely to step in and ‘help’ with predictive text input. However, as a whole host of examples on the internet can prove – autocorrect doesn’t always do the best job. At best, these can make for a humorous misunderstanding. But when people are using mobile devices to share sensitive data, the outcomes can be serious.
There’s also a disadvantage when it comes to spotting phishing links on a mobile or tablet. On a desktop, you can hover over a link to get a preview of where it wants to take you (one of the best ways to spot a potential phishing attack).
It’s also easier to spot the small typos or subtle changes to email addresses and signatures that can be a giveaway of spear phishing. This is where a hacker will target an individual by impersonating someone known to the recipient (usually a member of the C-suite or security team) and request sensitive information.
What does the data show?
We surveyed 3,000 remote workers in our 2021 Data Loss Prevention Report to get a better understanding of the risks around mobile working. We saw that digital communication was higher across all channels, but email was the highest with 85% of remote workers sending more emails than before the pandemic.
Email is the leading cause of human-activated breaches – and highly susceptible to fat fingers. 83% of organizations have had data put at risk over email in the past 12 months and 59% have seen an increase in email data breaches since March 2020. But how much of this can we attribute to mobile working?
Our findings showed 72% of remote workers use a mobile device to access work emails outside of working hours (rising to 93% in the legal industry). On top of this, 46% said they felt pressured to access email outside of hours – and 39% try to respond as quickly as possible. A further 24% admitted to doing something at the same time. It’s a near certain recipe for fat fingers.
We also surveyed 500 IT leaders across the UK and US to get their thoughts. 28% believe employees working on different devices is the most common contributing factor to data loss when employees work remotely. 67% believe employees are more likely to leak data when working from a mobile device – and 68% believe remote working will make it harder to prevent leaks by email in the future.
The solution? Intelligent DLP tools
Intelligent data loss prevention (DLP) tools such as Egress Prevent use machine learning to analyze the behavior and sharing patterns of each individual user in an organization. It works silently in the background, only popping up with a simple traffic-light system of risk when unusual behaviour is spotted.
For example, if you ‘fat finger’ the wrong attachment or autocorrect in the wrong recipient, Prevent will prompt the sender to double-check those fields. Likewise if a phishing email has been received, Prevent will flag that this is not someone you usually communicate with.
This technology helps businesses to offer employees a guardrail when sharing content via mobile. It doesn’t dent their productivity or make their mobile devices unusable – it simply monitors in the background and gives people a nudge when those easy-to-miss and context-driven mistakes occur.
If you’d like to learn more about how intelligent DLP protects your business from fat fingers (and much more), we’ve got a dedicated information hub you can explore here. Or if you fancy giving Prevent a no-strings attached trial, we’ll be happy to set that up for you.