by Scott M. Lewis
Iget a lot of questions regarding the security of mobile devices such as smartphones. Remember that a typical smartphone has more computing power than NASA used to send a man to the moon; they are essentially powerful handheld computers. The good news is that typically they are pretty secure by nature, more so than your standard computers. The bad news is that Smart Phones do have an operating system, and in a recent Verizon report, there has been a 64% increase in mobile threats. There is a lot of other evidence to show that mobile devices are being targeted more and more through emerging threats and technologies that specifically target mobile devices. These emerging threats focus on stealing text messages, photos, recording calls, and using the device to pivot to corporate networks through CRM and ERP systems or email.
A Verizon report specifically targeted five types of threats commonly targeting Smart Devices.
- Trojans are malicious applications designed to look and act like legitimate applications or apps and can even be downloaded through the app store on Android-based devices or the Apple App Store. These apps can be used as a backdoor to your device, allowing the hacker to pivot to your corporate network.
- Spyware – These types of applications run in the background, and you may and may not know that you have one on your Smart Device. Spyware collects data on your browsing history, username, or other personal information that may be contained on your device.
- Riskware – These applications can be downloaded or ghost-loaded on your Smart Devices. Riskware can decrease the performance of your Smart Device, and it attacks the security protocols that you have set up on your Smart Devices to load other applications that allow more access potentially.
- Chargeware – These are valid-looking apps that can charge for different services or apps without the users’ knowledge.
- Adware – We all love the ads that pop up; most of these ads are simply frustration points; however, some contain Malware or spyware that will be loaded on your Smart Device if you click on them.
All of this does seem very scary; however, as I mentioned before, by design, Smart Devices have a lot of built-in security if you choose to use them. Features like auto-locking, password protection, biometrics, and facial recognition, you can also load VPN technologies on them, along with Multi-factor authentication.
There is also Anti-Virus that you should load on the Smart devices to give you an extra layer of protection. With all the press in recent years, you would think we would all be more proactive in protecting Smart Devices. However, within the Verizon report, 90% of respondents consider Smart Devices a growing threat; only 39% have done anything to mitigate the threats posed by Smart Devices.
According to Seniorplanet.org, here are some steps you can take to secure your Smart Devices:
- Know what security features are on your device and set them up: Set up the auto-locking feature on your Smart devices, set passwords, use biometric and facial recognition, turn on anti-theft apps, and use privacy controls.
- Don’t leave them lying around – Don’t leave them unattended; if you leave your phone unattended in a public place or a bar, restaurant, or airport, phones can be cloned or stolen, so don’t leave them lying around.
- Do updates – Android and Apple are pushing updates for a reason, sure new features and functionality, and security patches and closing vulnerabilities that can put your data at risk or your corporate environment. It would be best to use an MDM (Mobile Device Management) software that your carrier might provide, or you can purchase an MDM program that meets your specific needs. MDM programs will allow you to push and install updates when they become available.
- Make sure that you log out of programs and apps when you are not using them….for obvious reasons.
- Load anti-virus and MDM programs on all corporate devices and personal devices if you allow them to be used for business reasons, which I would not recommend.
- Don’t click on links in text messages unless you expect a known sender.
- Educate users of the threats to mobile devices as part of your employee onboarding.
With all the gloom and doom, how can we really protect ourselves and our corporate networks from hacking with the trick of making sure that we keep our employees productive? The authentic tug of war is convenience on one end of the rope, security on the other end, and budget and productivity in the middle.
Let’s get into many options you have for security, which we have already covered mobile devices; now let’s look at the rest, which some would say are the most vulnerable of them all, or at least they are the biggest target with the biggest reward. When it comes to security, you have to understand that there is going to be end-user noise, people resist change, so it does take some level of grit to ensure that security and a culture of security are explained to the end-users and end-users are trained and tested on how to identify security risks, and who to report those events too.
Look for part five in next month’s issue of Small Business Monthly.
Scott Lewis is the President and CEO of Winning Technologies Group of Companies, which includes Liberty One Software. Scott has more than 36 years of experience in the technology industry and is a nationally recognized speaker and author on technology subjects. Scott has worked with hundreds of large and small business to empower them to use technology to improve work processes, increase productivity, and reduce costs. Scott has designed thousands of systems for large, medium, and small companies and Winning Technologies goal is to work with companies on the selection, implementation, management, and support of technology resources. Learn more about Winning Technologies at www.winningtech.com or call 877-379-8279.