eLearnSecurity Blog

5 Tips to Keep Mobile Devices Secure

Smartphone users are increasing rapidly as technology develops in a faster pace. According to Worldwide Quarterly Phone Tracker report by International Data Corporation (IDC), over 320 million smartphone devices during the 3rd quarter of 2014 were shipped worldwide. This resulted to a 25.2% growth compared to 260 million units during the same quarter the previous year.

The rise of mobile device users also come with risks as mobile app developers are creating mobile applications for businesses to reach out to more clients. Organizations are not placing enough security measures to protect their data against mobile threats, such as malware infections.

mobile security tips

A recent survey report of IT Professionals by Checkpoint indicates that “75% of companies allow personal devices to connect to corporate networks and 82% of security professionals expect the number of mobile security incidents to increase in 2015.” See the full report here: The Impact of Mobile Devices on Information Security by Checkpoint

Five Tips for Mobile Security

We’ve asked eLearnSecurity IT Security expert, Francesco Stillavato, for his thoughts on how to protect your mobile device and prevent it from hackers.

1. Do not install applications from an unreliable source!

You have probably heard this phrase a lot of times. That’s because it is still the most important tip you have to consider if you really care about your mobile device data. Installing applications from websites (instead of official stores such as Google Play, iTunes, BB World…) is the first way to let a malware get into your device.

2. Keep your device updated!

In the same way you update your computer OS, you should do the same for your mobile. OS updates are the only way developers can deliver fixes, patches and of course patch vulnerabilities. Moreover, it also allows the user to use new security features (think about the last security features added in Android Lollipop).

3. Enable encryption!

Almost all mobile OSs have a very important security feature that you should really consider to enable: encryption! Just think about what would happen if someone gets your phone. What kind of information he or she would be able to access or edit? This applies to installed applications too. If your data is encrypted, not all the apps would be able to read them (but beware that this is not true for all mobile OSs).

4. That damn screen lock!

Yes, we all know it. Tapping numbers every time we unlock the phone is annoying, but it’s still our first line of defense. The pin, the password or the pattern we use to lock the device are the most important key to keep our data encrypted and safe. Unfortunately mobile phones can be lost or stolen, and if it ends in the wrong hands the PIN is the only defense we have.

5. Use Antivirus apps!

In the same way you protect your PC with AntiVirus programs, you should do the same for your mobile phone. The number of mobile malware is already huge. They spread via Web Browsers, SMS, Bluetooth and so on, but many of them use patterns that AntiVirus programs would be able to detect. Moreover a lot of these programs offer very important features that help us to keep our mobile safer, such as remote lock and wipe. The opportunity to remotely wipe, locate or lock my device is something I really want to.

Cybercriminals target mobile devices since this is a much younger medium for attack. Companies that allow their employees to connect to their company network are more than exposed to the dangers of having their data stolen and compromised. That’s why it’s extremely important to develop mobile applications that are secure and also provide mobile security training and security awareness training and policies.

Mobile Application Security and Penetration Testing

MASPT product boxIf you’re a mobile developer and you want to develop secure mobile applications, you can learn to encode while keeping security in mind. Get started with the Mobile Application Security and Penetration Testing Course for FREE here: MASPT FREE Trial

 

 


francesco stillavatoFrancesco Stillavato is a Senior IT Security researcher and instructor at eLearnSecurity with 6 years of experience in different aspects of Information Security. His experience spans from web application secure coding to secure network design. He has contributed to the Joomla project as a Developer and has conducted a number of assessments as a freelance. Francesco’s research is now focused on Mobile Application Penetration Testing on Android and iOS.

Twitter: https://twitter.com/litsnarf
LinkedIn: https://www.linkedin.com/in/stillavatofrancesco

Tags: ,

Leave a Reply

Your email address will not be published.

Go to top of page