Related
The dark side of mobile apps
21 Aug 2019
PAM vs. PUM
9 May 2019
AI, machine learning boost cybersecurity
8 Oct 2018
Prevention is always better than cure
1 Oct 2018
“And each day a slew of new apps, devices and software is on offer, allowing us to do even more on our phones, meaning we are storing more and more private and personal information on our devices,” says Simon Campbell-Young, MD of Credence Security.
He says all of us have contact and other personal information on our friends and family stored on our devices. Most of us conduct banking transactions and have other financial information on our phones. Some of us even store passwords in a file on our mobile devices, and a few of us store medical information and health insurance details too.
“Even though malicious software that targets mobile devices makes up only a fraction of cyber threats each year, it has been growing exponentially, particularly for Android devices,” Campbell-Young says. “And it’s not only individual users who are in danger. Mobile devices can be used by clever cybercriminals to breach the corporate network.”
Savvy hackers don’t need to physically get their hands on a device in order to hack it, they can employ unsecured WiFi networks, phishing attacks, malicious applications, and other vulnerabilities in the device’s operating system to achieve their goals, says Campbell-Young.
He adds that although device manufacturers have done a fair bit to improve security on their products over the last few years, it’s not enough to stay ahead of clever threat actors.
“However, there are several steps individuals can take to protect themselves, starting with running all updates on operating systems and applications. As soon as a vulnerability is discovered, vendors immediately work towards patching their applications and software, so update as soon as humanly possible.”
Another way to protect yourself from mobile threats is to avoid connecting to unsecured Wi-Fi networks in the first place. Make sure the ‘connect automatically’ function is turned off, and try to avoid connecting to public hotspots in the first place. “If you need to use public WiFi, then you should consider setting up a VPN to make sure any data you send and receive online is safe.”
He also advises users to check app permissions before downloading the app. “Some apps ask for far wider permissions than they could possibly need. Why would an exercise tracker need access to your contacts and camera for example? Make sure that applications only have access to the features and functions they strictly need to perform their function.”
For organisations, having a good bring your own (BYO) policy in place is crucial. “Ensure that your employees that use their devices to conduct company business, have a good anti-malware solution installed. This can ensure that the device can be locked or wiped remotely, in the event of loss or theft. Some solutions also offer containerisation to keep business data separate. In addition, make sure all employees make use of a password, pattern or biometric to access their devices, and have a clear policy on authorised applications.”
Today, mobile devices such as laptops, tablets, smartphones and wearables are a popular vector for hackers to find their way on to your network.
“Ensuring that your BYO environment is safe means that organisations must continually assess their security systems, tools and policies, to make sure they are up to date with the threat landscape,” Campbell-Young concludes.