Enterprise Mobile Security & Compliance

Compliance for Mobile Devices

GDPR and mobile devices

"One of the challenges of achieving GDPR compliance will be securing Personally Identifiable Information (PII) held on laptops and other mobile devices. It is harder to track and at a greater risk of being compromised because it is not behind the company firewall." GDPR Report, October 13, 2017

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR sets out the principles for data management and the rights of the individual, while also imposing fines that can be revenue-based. Any mobile devices and applications, including those provided to consumers, containing or processing personally identifiable information (PII) must be secured against exposure and theft. These devices and apps need mobile security solutions to prevent device, network and app (DNA) attacks. To learn how Zimperium enables companies to receive all of our award-winning mobile security in a completely GDPR-compliant manner, contact us now.

"The PCI Data Security Standard (PCI DSS) requires merchants to protect cardholder data. ... Mobile devices are not necessarily designed to be secure input or storage devices for cardholder data." PCI Security Standards Council, 2014

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment. Mobile devices, from smartphones to tablets, are increasingly being used to process transactions. For PCI DSS compliance, these mobile devices should be considered “endpoints” in the same way that point of sale (POS) terminals, personal computers and servers are. They need mobile security solutions to prevent device, network and app (DNA) attacks. To learn how Zimperium can help your business meet mobile PCI DSS compliance requirements, contact us now.

PCI and mobile devices


HIPAA and mobile devices

"Under HIPAA, you’re required to take security measures to ensure your patient data — including those handled by mobile devices — are private and secure. If your practice suffers a data breach or fails to comply with HIPAA regulation, you will be subject to heavy fines ranging from $50,000 to $1.5 million." Health Security Solutions, November 6, 2017

HIPAA (Health Insurance Portability and Accountability Act of 1996) is United States legislation that provides data privacy and security provisions for safeguarding medical information. Mobile devices and applications are increasingly being used to store and present patient data to doctors and patients. For HIPAA compliance, mobile devices should be considered “endpoints” in the same way that point of sale (POS) terminals, personal computers and servers are. Mobile apps containing and processing patient data must be secured against attacks as well, even on patient-owned devices. These devices and apps need mobile security solutions to prevent device, network and app (DNA) attacks. To learn how Zimperium can help your business meet mobile HIPAA compliance requirements, contact us now.

"The reality for a lot of businesses is that there are many Privacy Amendment (Notifiable Data Breaches) security time bombs in the workplace, including ... unsecured and lost personal devices such as smart phones and tablets." MyBusiness.Com.Au, 2017

The Notifiable Data Breaches (NDB) requirement, contained under Part IIIC of Australia's Privacy Act 1988 (Privacy Act), introduced an obligation to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm. The legislation applies to all businesses carried on in Australia that collect or hold personal information in Australia. To learn how Zimperium can help your business meet mobile NDB requirements, contact us now.

NDB and mobile devices


NERC and mobile devices

"CIP compliance is challenged when mobile devices, capable of unauthorized wireless connectivity with wired and wireless interfaces, are able to access a CIP-protected cyber asset within the electronic security perimeter." Department of Energy, February 25, 2009

The NERC CIP (North American Electric Reliability Corporation critical infrastructure protection) plan is a set of requirements designed to secure the assets required for operating North America's bulk electric system. Mobile devices, from smartphones to tablets, are increasingly being used by technicians to service critical infrastructure. For NERC CIP compliance, these mobile devices should be considered “endpoints”; they need mobile security solutions to prevent device, network and app (DNA) attacks. To learn how Zimperium can help your business meet mobile NERC CIP compliance requirements, contact us now.