October 14, 2013

    Mobile Device Security

    Hundreds of thousands of employees use mobile devices to access, edit, or store sensitive information. The problem is, mobile devices are far from secure, leaving sensitive information at serious risk. Because mobile developers allow security to take a backseat in the development process, organizations need to step-up and assume their devices need extra protection or configuration.

    Since the very first handheld mobile phone, mobile devices have been about increasing user convenience but rarely about increasing security. Now that mobile devices organize the most important details of our business lives on a wireless data network, security is high on the wish list, but near impossible to achieve with today’s ‘make-it-fast-and-easy’ mindset.

    Because mobile devices are almost always connected to the Internet, they have the potential to be riddled with many adapting and highly technical vulnerabilities designed to steal your sensitive data. For example, Android app markets are highly unregulated. Through such markets, criminals can easily install malicious new apps or repackage old apps with malware to steal data accessed on a mobile device. iOS users aren’t exempt either. Recent research found that iPhones and iPads could be compromised within one minute of plugging in to a malicious USB charger.

    No matter the type of technology an organization is using, organizations are obligated to protect sensitive information on that piece of technology. Unfortunately, only 15% of organizations believe laws specify the protection of regulated data on mobile devices.

    If a smartphone or tablet is used to access, transmit, receive, or store information – it must have certain security precautions in place. Here are eight best practices for securing a mobile device.

    • Use discretion when downloading apps. Malicious software infects mobile devices by acting as a Trojan horse inside an app. Even apps that look legitimate may be infected.
    • Implement employee usage policies and training. Policies and regular trainings help ignorant employees follow the security precautions you have in place.
    • Accept all OS and app updates immediately. Just like computers, mobile devices must be patched often to eliminate software or hardware vulnerabilities found after initial release.
    • Be wary of public Wi-Fi hotspots. Internet traffic can easily be intercepted on unencrypted public Wi-Fi. If you’re away from a secured network use your provider’s 3G or 4G data connection, as most providers encrypt cell traffic.
    • Log off sites. Closing a mobile browser does not log you off a website. If your device is stolen, a thief can login to your accounts and access the data.
    • Never save usernames or passwords in your mobile browser. Saved information allows quick hacker access to sensitive information on financial or personal sites.
    • Download a mobile vulnerability scanner for your mobile device. A mobile vulnerability scanner, such as SecurityMetrics MobileScan, can check a device for security holes that may grant access to hackers.

    Organizations using mobile devices should be on high alert. As more and more employees use these devices to access sensitive information, hackers will continue to adapt their strategies to gain the most sensitive and profitable information.


    Martin Horan

    Martin, Sharetru's Founder, brings deep expertise in secure file transfer and IT, driving market niche success through quality IT services.

    Other posts you might be interested in

    View All Posts