Mobile Security Defined

Mobile Security Defined

Whenever anyone hears the term “mobile security” they typically think of their mobile phones. However mobile security relates to all mobile devices including laptops, tablets, smart phones and any mobile device that is portable that can access the internet, networks, or wireless computing. These devices are open to vulnerabilities and threats from cybercriminals, and without proper protection, the data and both personal and proprietary information can be hacked, stolen, or malware inserted. This problem has been exacerbated in the business world as more companies are relying on employees to use their personal devices that are often connected to company networks. 

At one time, organizations could rely on the expertise of their IT professionals to keep data safe. With staff using their personal devices that access mobile apps, there is an increasing risk of data theft as well as illegal access to company networks. When you factor in the number of “lost or stolen devices” that happen, the problem can turn from bad to catastrophic. 

It becomes a priority to establish well-planned compliance protocols for all mobile devices used for any business purpose. The requirements can also educate staff of the potential of personal information that can be stolen as well as malware and other dangerous software. Millions of devices fall prey to being hacked every year and when the devices are used for business purposes it expands this to the loss of billions of dollars. 

In an enterprisemobilityexchange article they focus on this as one of their five topics:

With the large number of various privacy and security laws in place for organisations to be aware of, as well as industry-specific regulations to follow, compliance is a common challenge. Businesses must understand how to maintain the required standards and protect their assets, their data and their employees.

Centralised administration and data protection capabilities should be in place to allow enterprises to regulate the corporate networks by tracking, securing, controlling and optimising mobile access to their systems.

Because mobility is inherently different to other enterprise technologies, it requires an individually considered approach to security policies, through mobile-specific frameworks and infrastructures.

At the most basic level, mobile security should include a high level password that contains alpha/numeric/special characters, finger print sensor or even facial recognition software. The addition of a protective firewall software is highly recommended. 

Mobile apps and unsafe Wi-Fi

There is no denying that as a society, we now depend on mobile apps for many of our daily functions. The development of approved mobile apps requires that the companies jump through a lot of security hoops. This is not the case for apps that are downloaded from third party sources outside of the standard mobile app store. These apps will often contain any of the following threat types:

  • Phishing expeditions: Using a phone to access email can open the door to clicking on a malicious link that could download a virus to your phone.
  • Network spoofing: Logging into a Wi-Fi network while you are shopping or getting coffee has become a very popular method for fake networks to simulate and then access your personal data.
  • Spyware: This type of virus opens the door for cybercriminals to get everything on your device from your text messages to credit card numbers. 
  • Problems with Bluetooth: Millions of Bluetooth devices were found to be vulnerable to threats that could easily be passed from one device to another. While many of the problems have been addressed, it is wise to have mobile security software as an additional method of protection. 

“DaVinci Forensics offers analysis and education on the many methods used by criminals to access, download, and steal personal information from mobile devices. We work diligently with IT Departments to assist in ensuring that protocols are set to keep personal and company data safe. Our goal is to help to maintain updated information on any and all past and new cyber threats so that individuals and corporations can have a sense of confidence in their technologies.”