Everyone knows desktop and laptop computers are vulnerable to viruses and other security risks, but if you think your mobile device is safe, think again. While mobile devices, such as smartphones and tablet computers, face different types of security challenges than their traditional counterparts, those challenges still exist and need to be addressed.
What exactly are those security challenges? A recent article by Michael Cooney, Online News Editor at Network World, Inc., outlined several security threats commonly encountered by mobile devices, as well as the best ways to protect against those threats. The list of threats and fixes comes from a report recently issued to Congress by the Government Accountability Office (GAO).
Security Threats and Fixes
- A lack of password protection. While almost all mobile devices have password protection capability, a surprising number of mobile device users don’t bother with this basic precaution. Without these fundamental safeguards, a lost or stolen phone is vulnerable, giving thieves easy access to personal and sensitive information. Simply using security features such as pattern screen locks, passwords and PIN numbers go a long way toward keeping your mobile device – and the information on it – safe and secure.
- A note about PIN numbers – When using a PIN, be sure it’s not something that can be easily guessed such as all zeros or just 1234. Otherwise, there’s no point in having the PIN.
- A lack of encryption. Wi-Fi networks are often unencrypted, which makes intercepting information easy. Additionally, the data sent and received by most applications isn’t encrypted either. These two factors make any information on a mobile device extremely vulnerable. To help protect your device, enable the encryption tools that came with it. If your device doesn’t have built-in encryption capability, after-market encryption tools are available.
- Malware. Malware is disguised to look just like legitimate applications. Because of this, many mobile device users unwittingly download malware which renders the device susceptible to data interception. This vulnerability is easily remedied by installing antimalware protection.
- Lack of security software. Incredibly, many mobile devices do not have security software preinstalled and mobile device users don’t think to install it. While security software can have the side effects of reduced battery life and slowed performance, the protection it provides is well worth it. Without security software, a mobile device is easily attacked by spyware, viruses and Trojans.
- Out-of-date operating systems and software. Unlike most desktop and laptop computers, security patches and updates for mobile devices are not easily updated. The patching process for mobile devices is such that users either do not get patches and updates until weeks or months after they are needed, or users aren’t made aware of updates at all. Most mobile devices can have security updates enabled and/or installed, helping to keep the device secure.
- Unauthorized modifications. Also known as, “jailbreaking,”mobile devices that have been modified to allow access to the operating system are especially vulnerable to attacks. These modifications can result in a disruption of security updates, as well as a disruption in the manufacturer’s application vetting process. Help protect your device by avoiding any unauthorized modifications.
In the brave new world of mobile computing, enterprise security is another security challenge facing mobile devices. Enterprise security is a term that’s often used in IT and security circles to refer to security involving any computing devices a business or organization uses.
When mobile devices are used for work within a business or organization, the device itself is not the only component at risk for security threats. Any information pertaining to the organization that goes between the server and the mobile device is also potentially at risk, making server security critical as well.
The best way to keep your mobile devices secure is to make sure you use the security tools at your disposal. Beyond using passwords and pin numbers, file encryption, and installing timely updates and security software, consider installing additional features such as whitelisting software, remote disabling and a personal firewall. Every security safeguard you use is one more layer of protection against hacked devices and stolen information.
About the Author: Contributing blogger Mark Seros is an enterprise security expert and consultant. When not following the latest security trends, Mark teaches basic computing skills at a local community college.