The proprietary intellectual property, patient data and legal documents flowing through a pharma company have very high potential value for cybercriminals and industrial spies. Trade secrets in this arena can impact multi-million dollar revenue streams.
Researchers, executives and business reps of pharma companies are increasingly relying on mobile devices for both work and personal use, and employees may be accessing company data outside the office to stay productive. Even if corporate IT tries to lock down device usage, security in a world of connected smartphones, tablets and IoT devices, in labs and in the field, cannot be entirely assured by conventional methods.
Protecting employee devices
Employees who are using company-issued devices, or their own devices in a bring-your-own-device (BYOD) scenario, may not keep their devices updated or be aware of high- risk behaviors such as attaching to unknown Wi-Fi networks, downloading malware by clicking on an unknown link or site, or something as simple as letting a child download apps or play on the phone while traveling.
Mobile devices have some security features built-in, but new “DNA attack” vulnerabilities are discovered every day, and new Android, iOS and Chromebook updates are constantly posted. There are also privacy policies and regulations on security management and legal documentation on how much control a corporation can have over an employee’s device and the data on it.
Rogue networks and spy devices
Securing the company’s corporate and laboratory networks may not be enough to prevent new forms of network attacks. Hackers can set up a fake “Free Wi-Fi” access point to lure employees and visitors to connect, then act as a Man-in-the-Middle (MITM) to capture private data, compromise devices or take control of devices to operate them remotely.
Apps need security too
Pharma companies are starting to find promising results by using mobile apps to better serve patients and physicians. These apps can offer prescriptive advice, medication reminders and other health management tools, as well as facilitating real-time interaction and feedback in clinical trials.