Security Considerations for Mobile Devices
Mobile security refers to the protection of smartphones, tablets, and portable computers, and the networks they connect to, from threats and vulnerabilities. Mobility is increasingly an essential element of competitiveness. But while mobile devices give employees access to critical information and systems all the time, they also provide an entry point for data theft, malicious malware and other security threats to corporate systems. With the proliferation of mobile devices, the rise in mobile malware is accelerating – from 2015 to 2016 there was a 151-percent increase in total mobile malware (Source: Intel Security, “McAfee Labs Threats Report,” September 2016). As a result, organizations must aggressively secure their mobile deployments and operating ecosystems. Since there is no universal security solution, organizations looking to mobilize their workforce should:
- Understand their unique IT environment
- Determine which tools provide the greatest security benefits for their specific needs
- Risky connections to public Wi-Fi access can open users to surveillance and compromise passwords and logins.
- Unregulated sites and sources of software downloads are more prone to malware.
- Wireless transmissions aren’t always encrypted.
- Out of date operating systems and apps may have known vulnerabilities which security patches in updated software have addressed. Many developers stop supporting versions of software older than 18 months.
- “Jailbreaking” a mobile device’s OS allows a user to run third party software and other code, but it can significantly increase security risks and won’t be automatically updated with security patches.
- Unlike a computer, mobile devices are always-on, and somewhat more susceptible to phishing attacks (in which usernames, passwords, and credit card and other sensitive information are mined by bad actors disguised as a trustworthy entity in an electronic communication).
- Spyware can enable third parties to receive contacts, texts, call logs, GPS data, and even potentially control the camera and microphone for active surveillance.
- Password management
- Remote data wiping service
- Data encryption
- Jailbreak/root detection
- Data loss prevention
- Remote configuration
- Remote software updates
- Remote inventory tracking
- Remote control