IMPACT OF MOBILE DEVICES ON CYBER SECURITY

In today’s digital world you can handle your banking, shopping, bills and even secure a loan all on your mobile devices. This is very convenient but also opens doors to cyber criminals as technology evolves so do their techniques.

It is important to identify the main methods of attack to help keep your identity safe online. Employers with Bring Your Own Device (BYOD) policy permit personal devices to be used for business use. Mobile devices need to be secured properly to protect data on them from being lost, stolen or being compromised. It is critical to securing your organization’s data. Because mobile devices are both convenient and portable, they are an easy target for attackers.

Mobile security is said to be measures taken to protect critical information and sensitive information on modern smart applications like smartphones, laptops, tablets. The core of mobile security is to keep an unauthorized access from users that try to gain access into the device or network.

When security on mobile platforms is discussed, there are many areas to consider about mobile security.

These areas include:

1)?????Security of the applications on the device itself

2)?????Security of data coming into the device

3)?????Security of data flowing out of the device to another device or platform

Examples of threats can be malicious code that can be downloaded into the mobile device and later infected and controlled by attackers.

Another example could be data privacy that can be stolen from that device.

Mobile devices become a gateway to penetrate the organization to steal data or create an attack.

That’s why mobile security is important because it can anticipate threats like malicious mobile applications, data leakages, phishing scams, spywares, identity thefts and many others.

?

Key benefits of mobile security:

  • A uniform security policy enforcement that an entire organization adheres to a unified policy for the security of mobile devices.
  • Regulatory compliance
  • Automated device registrations
  • Support for BYOD which are effective for companies and their employees.
  • Data backup that comes in handy in case of data loss
  • Convenience with remote control of device updates

?

Common mobile security threats and vulnerabilities

  • Phishing attacks: These are the attacks where attackers are trying to trick or fool the victim to provide their credentials. Lately, this is the most common attack that later results in ransomware. Phishing attacks are usually executed on mobile devices, you get SMS with some suspicious links or a mail or a whatsapp message and you just need to click it and can download the malicious code into the mobile device transforming it as part of bots of IoT devices that can generate attacks on many victims.
  • IoT devices: These are drastically growing numbers, and we are expecting billions of IoT devices as we progress. IoT device is any machine connected to the Internet. At home IoT devices could be routers, cameras and the weakness are that these vendors that are manufacturing IoT devices are overlooking security eg leaving an easy password.
  • Mobile malware: All business data is on mobile these days. Data is portable. Many people who used to work on laptops and desktops have shifted their data on mobiles and smart phones. Cyber criminals have created mobile malwares to gain access to data stored on mobiles. This hacking technique can be most prominent one in future because everyone is moving their business to mobiles. It is dangerous software taken to control over sensitive data stored in mobile phones.
  • 5G to WiFi security vulnerabilities: While 5G is newly launched and being implemented by many of telecom service providers, it will create security challenges by itself. Still to save bandwidth some of wireless carriers are moving many of users into WiFi or push them to WiFi. When moving to wi-fi cyber criminals can easily gain access to data. Not only data but they have techniques to take control over network which include wi-fi, 5G networks etc.
  • API security and breaches: Companies are being dependent more and more on API, cyber criminals have invented API based attacks which can impact frequently used applications, social media.

?

How to enforce mobile security

  • Use a commercial grade anti-virus software

Most commercial grade anti-virus products have extra capabilities such as real-time protection, which monitors your device for dangerous activities and anti-phishing protection, which prevents efforts to steal your personal information. Further many anti-virus products can monitor incoming emails and downloads to secure your device.

  • Use a premium (Paid) VPN service

Using a premium VPN service protects your data from possible hackers by preventing them from accessing your sensitive information. A VPN establishes a secure tunnel for your online activities, allowing you to browse the web without worrying about being watched or traces.

  • Maintain software updates

You should also ensure that any security tools installed on your phone are up to date. Tools include antivirus software, firewalls and anything else you use to safeguard your data.

  • Only download and install apps from reputable sources

Its crucial to be aware of the hazards of downloading and installing programs from unknown sources while browsing the app store. Malicious software, sometimes known as malware, may be used to steal your data, follow your behaviour or even take control of your device.

  • Use a challenging password

A complicated password is far safer than a straightforward four-digit password. It has at least eight characters and is made up of letters, numbers and symbols. It should also not contain personally identifiable information, such as your name, birth date or address.

  • Configure two-factor authentication (2FA)

Two-factor authentication (2FA) often known as two-step verification or dual-factor authentication, is a security procedure is a security procedure that requires users to give two distinct authentication factors in order to be verified.

2FA instantly reduces the risks associated with stolen passwords. If a password is stolen, guessed or even phished, it is no longer sufficient to provide and intruder access: a password is worthless without authorization at the second stage.

  • Don’t click on unidentified links or files

Never click on unrecognized links or files. Whether you are on your phone, computer or tablet, clicking on unknown links or files could endanger your device and data.

?

More and more mobile phones are used and allows use to communicate data with each other. Mobile security is even bigger and need to be prioritized.

Dr. Sanjib Chowdhury

Author II Mentor II Service Delivery Manager II RISE with SAP - Security & Compliance II Quantum research II Sr Advisory Consultant II Author

1 年

Good content and well articulated and structured point by point. Useful for readers. Thank you for your contribution.

要查看或添加评论,请登录

Medha Jolly (CISM, CISA)的更多文章

社区洞察

其他会员也浏览了