ISO 9001:2015 , ISO 27001:2022
With the handset becoming the all in one device in our lives – Mobile Security becomes an important area of concern. Mobile become no. 1 device to manage our personal & business life. Enterprises are happily connecting employee smartphones to their business systems under Bring Your Own Device (BYOD) scheme.
Its benefits are as follows:
- Access to e-mails, apps & WiFi improve productivity
- Ability to work on the go
- Store important data
Mobile phone hacking incidences doubled in Jan- Jun 2016 over Jan- Jun 2015 as its security is almost non-existent. Gartner claims that by 2018, a quarter of corporate data traffic will flow directly from mobiles to the cloud, bypassing any enterprise security completely.
Challenges to Secure Mobile Data
- Network – Information can be hacked over networks
- Employees tend to sometime connect to unsecured Wi-Fi networks
- Device – Under BYOD scheme
- Employees prefer to protect privacy avoiding intrusive IT security measures from corporates
- Neglect download of latest version of Operating System
- Mobiles can be lost or stolen
- Mobile apps – Mobile Malware
- 3 out of 4 apps have security gaps for which traditional security measures difficult to enforce.
- Mobiles can’t detect threats or self-repair once under attack.
- Even one Mobile device hacking is enough to breach enterprise data security.
Some common types of Malware
- External attacks –
Viruses can enter via Wi-Fi/ Bluetooth connections, Downloading files, receiving mails/ SMS’s/ cookies. It install itself without user consent.
- Worms –
Standalone software program which replicate its functional copies and spread quickly to other devices.
- Phishing screens –
Unknowingly accessing fake mirror sites exposes information & passwords
- Hidden Spyware –
Collect information & passwords without leaving a trace
- App stores –
Some apps, especially free ones may have a malicious coding
- Trojan Horses –
Seemingly harmless programs, trick you into installing, infect devices
Symptoms & Actions
- Symptoms of Mobile attacks
– Phone sends messages by itself/ attacks other phones
– Data disappears/ breached to create new accounts
– Suspicious bank activity - Actions – Immediately stop using it
– Change passwords to all linked accounts from a different device
– Alert Friends & family of potential Malware texts
– Consult OEM for advice & service
– Google 2 steps authentication process
Common Precautions
- All latest OS/ mobile antivirus/ Mobile Device Management (MDM) software should be updated frequently
- Use password protected access controls – keep strong & different passwords
- Control application access & permissions, check app reviews before downloading especially free apps
- Never store personal financial data on your Mobile phone
- Control accessing public networks & close Wi-Fi/ Bluetooth connections when not in use
- Back up your data to the cloud
- Wipe devices data automatically if lost or stolen
- Avoid Jailbreaking a Mobile phone
- Never leave your Mobile phone unattended