Mobile Device Security
By the fourth quarter of 2022, there were about 5.5 billion people in the world who use mobile devices to access the internet, and the number is growing. Approximately 200 million applications were downloaded to smartphones and tablets. (Dhs.gov, n.d) An increasing number of threats to mobile security is the result of a rapid growth in the use of mobile devices and applications. As of April 2023, mobile devices account for over 60 percent of digital fraud. (Nelson, 2023)
Definition of Mobile Device Security
Mobile security, or mobile device security, is the strategy, infrastructure, and software designed to protect devices that travel with users such as smartphones, tablets, laptops, wearables, and other portable devices from threats. Three out of four mobile applications contain at least one low-impact vulnerability, and one in four apps contains at least one high-risk security defect. For this reason, mobile devices need protection to keep personal data safe. (Vmware.com, n.d.)Importance of Mobile Device Security
Mobile devices represent one of the greatest advances in human communication in history. They have become a significant part of everyday life. People are not using mobile devices for just texting, calling, playing games, social networking, and listening to music. Applications for business and professional networking have turned mobile devices into mini portable computers causing them to be bigger targets for attackers. Now that many prefer to browse the internet with their mobile devices instead of using desktops, corporations have more overhead when creating security strategies for mobile devices. (Proofpoint.com, n.d.)Benefits of Mobile Device Security
Mobile technology promotes lower costs, geographic flexibility and other advantages to government services such as public safety, health, education and finance. This also applies to the corporate sector. Mobile device security provides benefits which include password security, application protection, enforce security policies, remote control of device updates, data backup, regulatory compliance, support of “bring your own device” (BYOD), and automated device registration. (VMware.com, n.d.)Some Common Types of Mobile Security Threats
Spyware and Data leakage:
Some data leaks may be unintentional. Read the fine print before adding apps to devices. Apps collect data such as location, contact lists, and account information. There are many malicious apps out there. Protect your identity and beware of the bad app. The spies are lurking! (Nelson, 2023)Unsecured Wi-Fi networks:
Users are unaware of the fact that cybercriminals can create phony hotspots. An open Wi-Fi network may be good but it is not always better. (Kaspersky, n.d.)Phishing attacks:
Attackers are always phishing. Too many fake apps are out there. Scammers send emails with fake apps and bogus websites. Delete text messages and emails that seem too good to be true. It may be a scam. (Nelson, 2023)Network spoofing:
Cybercriminals disguise themselves as trusted sources. Spoofing comes in many different forms, such as DNS spoofing, email spoofing, website spoofing, IP spoofing, and GPS spoofing. Caller ID can be spoofed too. Beware of the man-in-the-middle! (Kaspersky, n.d.)Some Possible Solutions
Using mobile devices for things such as banking and shopping, among other things, has made security an essential part of mobile device usage. Users can use their mobile devices safely by staying informed and taking necessary precautions. Some precautions include:Email security:
Email is the most popular way for hackers to install malware to mobile devices. Cybercriminals often use phishing attacks to commit digital fraud. Email security can detect, block, and address threats fast, prevent any data loss, and protect important information intransit with end-to-end encryption. Never click on unfamiliar email links! (Proofpoint.com, n.d.)
VPN:
Enabling a Virtual Private Network (VPN) allows users to connect to networks securely by extending private networks across public networks. VPNs allow users to send and receive data across shared or public networks. They are most effective when accessing websites that are not that secure. Familiarize yourself with VPNs. (Proofpoint.com, n.d.)Mobile device encryption:
Encryption makes data unreadable to prevent unauthorized access to data and data theft. It converts unreadable data into accessible data on websites. Locate that feature on your device and set up your password. Do not forget your encryption password. (Kaspersky, n.d.)Cloud access security broker:
A cloud access security broker (CASB) is an on-premises or cloud-based tool that is used to enforce security, integrity, governing policies for cloud applications. CASBs consolidate types of security policies such as authentication, authorization, encryption, single sign-on, credential mapping, malware detection and more. The cloud is a good thing! (VMware.com, n.d.)Endpoint security (penetration scanners):
Endpoint security protects enterprise networks that are accessed remotely. They ensure that companies follow security standards and alerts IT administrators when there is a security threat and monitor backup systems for organization. Remember that things are happening behind the scenes when you are working on the go. (VMware.com, n.d.)Install an antivirus application to your mobile devices. Stay away from open Wi-Fi networks, use strong passwords, and backup your data files. Don’t forget to install updates to your apps and devices. Keep those attackers away! Remember that convenience and pretty colors are not always good!