So you have just got the latest and greatest mobile phone, only to have the buzz shift a week later to the new model that has just been announced.
The mobile industry is huge and whilst we still refer to them as mobile phones the reality of what we use them for is very different. These ultra-compact and small mobile compute devices connect us to friends, family, work, social life and organise our working days, they hold a wealth of information from photos, messages, mobile banking and payment apps and that’s without the applications and tools we are using for business.
However the level of security we often apply is limited and in many cases non-existent. In 2015 Gartner reports that sales to end users totalled a staggering 1.4bn units and without a better focus on security the risks of serious security breaches are becoming massive.
We don’t think of the same threats levels to mobiles as we do with our PC’s or Laptops yet the software and type and numbers of threats are significant. Below we try and summarise a few of the key things you need to be thinking about, to help understand and protect yourself from threats.
The mobile attack.
Cyber threats are increasing and the sophistication and complexity in how these are delivered and distributed continues to evolve. In 2014 many phones were targeted by the”WireLurker” attack and IOS was the target. With the growth in Apple products the IOS is no longer impregnable. This saw a virus transfer from a mac to an apple mobile device capable of stealing information. No mobile device whether IOS or Android is safe and in 2015, Kaspersky detected 884,774 new mobile malware programs – that’s 2424 new malware items per day aimed at mobile devices.
With contracts having limited amounts of mobile data and often 3/4G signal changing with the direction of the wind, many of us start to take advantage of free Wi-Fi. Whilst most is pretty secure, this still poses a risk, especially if accessing company software and data. In public spaces some malicious individuals set up rogue access points through which your connection will stream. Undetected and unknown to you, the attacker is able to see and record the traffic and data, potentially revealing and breaching sensitive corporate data undetected.
The data mining App
Interestingly Gartner predicts that by 2017, 75% of all mobile security breaches will occur through apps. For many of us with mobile devices, apps are a crucial part of making the device useful and fun. However be vigilant, even legitimate looking apps can be bad for us, granting access to all sorts of data and permissions without us batting an eye (after all who reads that small print when a big green button says “I Agree”) We don’t always have the understanding of where that lovely cloud sends our data and this can be sent to servers and advertisers around the world, leaving this to be mined by cybercriminals or even competitors with malicious intent.
The lack of a mobile device policy
A well delivered mobile security policy will deliver rules to cover off most aspects of risks from authentication, email and usage. It will also deliver restrictions around passwords and pins, and should form part of the tool kit for any business that allows remote connection to corporate data and mobile devices. However the crucial element to this working successfully is education, employees must be educated and made aware of the policy and the role they play in implementing and adhering to security measures.
Clearly we all don’t want to live in fear and the mobile device has empowered the way we work, talk and have fun and this should remain the case. It is with the proliferation of mobile devices and the cross use for work and leisure that must make us think harder about the risks and security measures that we need to undertake to remain safe and secure.
For further information on mobile device management download our datasheet.
Would you like more information around cyber security? download our datasheet.