Smartphones and tablets are often the preferred devices for communications and web searching. Partly because they’re more portable and can be used anywhere.
The downside, however, is this has caused mobile devices to become targeted more over the past few years as hackers have been creating mobile malware to breach them. Since they’re holding much of the same sensitive information and app access as PCs.
So, it’s now more important to start treating mobile devices in the same way as you do other computers when it comes to their security. Ensuring you have security protections in place that include:
- Antivirus or anti-malware and systems monitoring software
- DNS filtering
- Automated OS and app updates
- Managed data backup
- Cyber Security awareness training for employees
You also need to be on the lookout for the most prevalent mobile device threats that allow your data to be leaked. And the best way to determine what your own specific business needs are is to carry out a Cyber Security Audit.
So, here’s a quick roundup of what those are right now.
Mobile Malware Hidden in Apps
It’s not easy at first glance to tell the difference between a legitimate free app and one that has malware hidden inside.
Scammers will use the same types of flashy graphics and the app may even have a high star rating. The app may even do what it says it will do when downloaded.
But the problem is that malware can be hidden in the background. Infecting a device as soon as the app is installed. And many of these apps will hide once on your phone or tablet. Often by using the icon of a common default system app (like settings or calendar).
The unfortunate reality is that mobile malware can include all the same types of malware that can infect a computer. Such as ransomware, adware, spyware, trojans, and more. And you can need to be wise about that.
Have you ever sent someone a password or credit card details over a text message or messaging app? Did you check to see if the communication was encrypted?
As business users are increasingly moving to hybrid and remote working many users will use various methods of communication from their mobile devices. Without really knowing how secure those methods are. If sensitive information is transmitted and it’s not encrypted, then a hacker could easily intercept it. Which leaves the user and your business systems wide open to attack.
TOP TIP – think carefully about the type of information you are communicating over channels that are more open than others.
Public Wi-fi & Man-in-the-middle Attacks
Public Wi-Fi has long been known to be non-secure. Yet people still insist on using it when it’s available to save mobile minutes or get a faster connection.
However, if you’re on public Wi-Fi, then you’re at a very high risk of a man-in-the-middle attack. This is when a hacker connects to the same network and looks for victims with unprotected communications. They can then capture any type of data the user is transmitting.
TOP TIP – one way to safely connect to public Wi-Fi is to use a VPN app, which will encrypt your communications.
Juice Jacking on Public USB Charging Stations
Another public mobile breach danger is public USB charging stations. These are often welcome sights especially if you’re low on battery power. However, hackers can infect public USB charging ports with malware and set up fake charging stations in public areas.
Then, when you insert your USB cord to charge your device, the malware is copying all the data on your phone and/or infects it with malicious code. Since USB cables aren’t just for charging, they are also used for data transmission.
TOP TIP – it’s best to avoid public USB charging ports and charge with your power adapter that plugs into an outlet instead. You can also buy a “charge-only” USB cord to use if USB charging is your only option.
When your mobile device is not kept updated, then it’s easier for a hacker to use an exploit that takes advantage of a code vulnerability in the OS. Or one of the installed apps.
Many companies aren’t paying attention to how many employees’ work devices are running current operating systems. Which puts their business networks at higher risk of a breach.
TOP TIP – you should ensure that all your apps and your OS are kept updated because many of these updates include critical security patches.
Ask Us About Mobile Device Security Solutions
With mobile devices handling so much of the computing workload these days, they must be properly protected.
And ideally, you want to do that as part of a wider IT security solution for your business. If we can help with that process then please do not hesitate to get in touch. Our highly experienced team has extensive experience in protecting small and medium-sized businesses – and that expertise is available to your business right now.