Take Care of your Everyday's Partners
Mobile devices provide convenient communications, portable information storage and bring out countless opportunities to grow a business, work, and personal life.
However, mobile device security threats are on the rise. A growing number of users are using smartphones and tablets for all online activities, making them a desirable target for hackers.
Therefore, knowing the importance of mobile devices security and practices are the first step to making a change in how we use our device.
Mobile device security involves protecting portable devices such as laptops, smartphones, tablets, smartwatches, USB memory sticks, digital cameras, and other devices against cyber threats. These devices store information such as contact lists, passwords, emails, messages, and so on. These devices also act as a mobile bank and a social network hub. The need for protection is critical because a lot of sensitive data is stored on these devices. Most individuals and organizations use their smartphones and laptops to login into their emails and social media pages. This puts us at risk as we are increasing our digital footprints on our mobile devices day by day.
What are the security threats to mobile devices?
1. Data leakage
Mobile devices are small, portable, and easy to lose or to be stolen. The mobile device in the hands of a stranger provides easy access to sensitive data stored on the device, data stored on corporate networks as well as an ability to impersonate the authorized user.
2. Poor password security
To protect your accounts from hackers, suggest setting up two-factor authentication, as well as using a password manager app to generate and store unique passwords for every account.
3. Unauthorized device and data access
Access to the device and its contents may be gained by forging or guessing authentication PIN or password or by bypassing the authentication mechanism entirely.
4. Unsecured public Wi-Fi
Mobile devices transport data via wireless networks, which are typically less secure than wired networks. Do not access any sensitive information through public Wi-Fi, such as logging into your bank or checking sensitive work emails, as a hacker may be able to intercept your communication through a "man-in-the-middle" attack.
5. Network spoofing
Hackers set up fake access point connections that look like Wi-Fi networks, but that are actually trapped in high-traffic public locations such as cafes, libraries, and airports. In some cases, attackers require users to create an “account” to access these free services, complete with a password. Hackers are able to compromise user’s email, e-commerce, and other secure information. And whenever you are asked to create a login, whether for Wi-Fi or any application, always create a unique password.
6. Malware and spyware
Mobile malware and spyware come in the forms of Trojans, adware, ransomware, and viruses. Malware can be spread through internet downloads, messaging services, and Bluetooth communications. Once infected with your device, the malware mines private data and sends it to third parties. Hackers use spyware to hack phones, allowing them to hear calls, see text messages and emails as well as track someone’s location through GPS updates.
7. Malicious apps and links
Hackers upload malicious programs or games to third-party smartphone application marketplaces, the programs steal personal information and open backdoor communication channels to install additional applications and cause other problems. Malicious links on social networks are also a way to spread malware where hackers can place Trojans, spyware, and backdoors.
8. Phishing attacks
Anyone can trick you into giving access to your accounts or providing your personal information by sending you fake links or emails. When you open an email, check the email address of the sender. Be careful downloading attachment files or clicking links. Any links that ask you to take action, be aware of the urgency, threats, or requests for help.
9. Out-of-date devices
Devices that are too old to receive security updates should be replaced. Even if it seems to still be running, there's a risk in using an old device that hasn't received the latest security updates.
What can we do to safeguard our mobile devices?
1. Maintain physical control of the device
Treat it similarly to our identity card/credit card by maintaining control at all times and storing it securely if left attended.
2. Enable user authentication
Passwords and PINs are good first-line defenders and are usually available on most mobile devices. Remember, create strong and unique passwords at all times.
3. Backup data regularly
Backing up important files and data offline, on a local external disk, or in a secure end-to-end encrypted cloud storage. This can help protect against many types of data loss, especially if hackers gain access to one of your devices. (it is recommended to do it once a week or after intensive work). You should also backup your phones, we recommend backing up to a local computer rather than cloud services.
4. Minimize data exposure
If possible, avoid keeping sensitive information on a mobile device. If the presence of sensitive data is not avoidable, encrypt the data. Some devices support built-in encryption capabilities.
5. Think before you click
Cybercriminals often use email, text messages, and even voice calls to fool their targets into giving up a password, clicking on a link to download malware, or confirming a transaction. To avoid falling for a phishing scam, you should always verify who is contacting you for your personal information. Any request from an unknown program whose installation was not initiated by the user should not be accepted.
6. Be cautious of public Wi-Fi
Mobile devices are frequently used in public areas like hotspots, consumer sites, airports, cafes, conferences, etc. A very simple protection step is to turn off Bluetooth, Wi-Fi, and wireless interfaces until they are needed. Do not connect to unsecured wireless networks and do not allow automatic connections. Consider setting up a Virtual Private Network (VPN) connection that will allow you to send an email and use the web securely.
7. Deactivate and wipe lost or compromised devices
If your device is lost or stolen, disabling service, locking it, or completely erasing its contents remotely are the options to take. Devices like iPhone and Android have the capability to lock a device or erase its contents remotely through a built-in mechanism. If you are using Microsoft Exchange on your mobile phone learn how to perform a remote wipe on a mobile phone here: http://technet.microsoft.com/en-us/library/aa998614.aspx
8. Remove or disable unnecessary services and applications
Unneeded functions, features, add-ons, or plugins increase security risks because they can enable cybercriminals with access to user content and device programming interfaces. Therefore, reducing them to only those required.
9. Add additional security control software
A wide range of products exists for various mobile devices including smartphones and tablets that usually provide the following capabilities such as improved authentication mechanisms, data backup and encryption, firewall, antivirus, anti-spam, and VPN.
10. Update Operating system and software regularly
Cybercriminals exploit vulnerabilities in operating systems to gain access to outdated digital devices. Thus, it is important to ensure your operating system and software are always updated. It helps to protect your devices from malware such as ransomware.
11. Only download official apps from the official stores
Use places such as Google Play or the Apple App Store. Doing so can help to ensure the applications you download are safe for your device. To further check the authority of the app, check ratings and reviews if they are available. Read the app’s privacy policy which allows you to see exactly what phone features it will have access to upon installation.
12. Encrypt your devices and storage
Encrypting your devices and other media that contain sensitive data including laptops, tablets, smartphones, SD cards, removable drives, and cloud storage. Some apps are using end-to-end encryption, and other services encrypt data on your devices and back them up in the cloud.
13. Always practice digital security hygiene habits! (Read more on Basic Digital Security Hygiene)
The more you depend on your phone for everyday tasks, the more it will impact you if your device is compromised. Therefore, protecting your mobile devices is crucial and it doesn't have to be difficult. In fact, it can be one of the simplest things you can do, by reading all of the above and practicing good mobile device security habits.