Mobile Security – An Ignored Reality

With the handset becoming the all in one device in our lives – Mobile Security becomes an important area of concern. Mobile become no. 1 device to manage our personal & business life. Enterprises are happily connecting employee smartphones to their business systems under Bring Your Own Device (BYOD) scheme.

Its benefits are as follows:

• Access to e-mails, apps & WiFi improve productivity
• Ability to work on the go
• Store important data

Mobile phone hacking incidences doubled in Jan- Jun 2016 over Jan- Jun 2015 as its security is almost non-existent. Gartner claims that by 2018, a quarter of corporate data traffic will flow directly from mobiles to the cloud, bypassing any enterprise security completely.

Challenges to Secure Mobile Data

1.   Network – Information can be hacked over networks
   1.  Employees tend to sometime connect to unsecured Wi-Fi networks
2.   Device – Under BYOD scheme
   1.  Employees prefer to protect privacy avoiding intrusive IT security measures from corporates
   2.  Neglect download of latest version of Operating System
   3.  Mobiles can be lost or stolen
3.   Mobile apps – Mobile Malware
   1.  3 out of 4 apps have security gaps for which traditional security measures difficult to enforce.
4. Mobiles can’t detect threats or self-repair once under attack.
5. Even one Mobile device hacking is enough to breach enterprise data security.

Some common types of Malware

• External attacks –

  Viruses can enter via Wi-Fi/ Bluetooth connections, Downloading files, receiving mails/ SMS’s/ cookies. It install itself without user consent.

• Worms –

  Standalone software program which replicate its functional copies and spread quickly to other devices.

• Phishing screens –

  Unknowingly accessing fake mirror sites exposes information & passwords

• Hidden Spyware –

  Collect information & passwords without leaving a trace

• App stores –

  Some apps, especially free ones may have a malicious coding

• Trojan Horses –

  Seemingly harmless programs, trick you into installing, infect devices

Symptoms & Actions

• Symptoms of Mobile attacks

  –   Phone sends messages by itself/ attacks other phones
  –   Data disappears/ breached to create new accounts
  –   Suspicious bank activity

• Actions – Immediately stop using it

  –   Change passwords to all linked accounts from a different device
  –   Alert Friends & family of potential Malware texts
  –   Consult OEM for advice & service
  –   Google 2 steps authentication process

Common Precautions

• All latest OS/ mobile antivirus/ Mobile Device Management (MDM) software should be updated frequently
• Use password protected access controls – keep strong & different passwords
• Control application access & permissions, check app reviews before downloading especially free apps
• Never store personal financial data on your Mobile phone
• Control accessing public networks & close Wi-Fi/ Bluetooth connections when not in use
• Back up your data to the cloud
• Wipe devices data automatically if lost or stolen
• Avoid Jailbreaking a Mobile phone
• Never leave your Mobile phone unattended