Among the top trending topics in Cybersecurity in 2016 are the threats posed by smartphones and other mobile devices. But why are mobile devices such a threat and how is mobile security different from computer security?
First, nearly everyone has a mobile phone and wherever people go, their phones go. Due to their mobility and small size compared to desktop counterparts, they’re at much greater risk of being lost or stolen. As proof, more than three million mobile phones were stolen in 2013 in the U.S. and 1.2 million were reported lost.
One reason why the use of smartphones has become so commonplace is thanks to their striking similarity to computers: mobile phones are now just mini portable computers, with similar processing power and with telephone capabilities built into them. People use smartphones as they would computers to access their Favorited applications and web services. They’re just smaller and more convenient to access data whenever and wherever you want. Without proper security, though, a smartphone is a honeypot of personal or corporate information making them an attractive target for thieves or hackers.
One of the biggest threats regarding mobile security is dangerous user behavior. Either failure to recognize the dangers or just through laziness, people often fail to take basic measures to protect their devices. A recent study from Consumer Reports found that over a third of users did not implement any mobile security, with 36% using a 4-digit PIN and only 11% using more complex passwords. With the sheer number of phones being lost and stolen, many millions are falling into the hands of unauthorized users. Devices can also be “jailbroken” in order to remove built-in restrictions and allow consumers to add unapproved features and services. Jailbreaking bypasses the basic protections provided by the device manufacturer and often leads to weakened protection against malware and hackers’ bad intentions.
Firewalls have long been used to protect the perimeter of computer networks. On mobile phones, this option isn’t available. Hackers will often scan public areas to see which devices make a connection and what vulnerabilities they can then exploit. It’s essential that operating systems are kept up-to-date to minimize the threat risks, but people often avoid this by using older devices.
For consumers, the steps required to enhance the security of their devices are pretty straightforward. To begin, ensure that at a minimum a 4-digit password is activated at all times and that device tracking services such as “Find My iPhone” are setup and enabled to not only find but also wipe out the contents of your phone if stolen. For corporations, to reduce the threat caused by the proliferation of mobile devices, it’s necessary to deploy a robust Mobile Device Management (MDM) policy which enforces effective security measures particularly in a bring-your-own-device (BOYD) environment.
There are a number of approaches to MDM, including requiring a user to open a particular app to access his or her work email, often referred to as a container model. If a device is stolen, you can simply wipe out the content of that container which ensures that any sensitive information is deleted, as long as it was in that container.
Another approach, one offered by APrivacy, is security at the data level that allows a user his or her preferred email or instant messaging solution, but with a security layer on top that allows control on all secure communications at all times. If a device is stolen, all the emails or other communications on that device can be immediately deactivated across various apps or platforms.
Digital Security Perfected – APrivacy Ltd. is an award-winning company which combines military-grade data security with a seamless user experience on any platform, any device, anywhere. APrivacy Ltd.’s enabling technology now allows the financial services industry to confidently communicate with clients using their favourite channels leading to increased revenues and reduced costs while meeting the strictest regulatory requirements.