Mobile security is the protection of smart phones, tablets, laptops and other portable computing devices and the networks they connect to from threats and vulnerabilities associated with wireless computing Mobiles security is also known as wireless security.
What is Mobile Security
Today’s large companies each spend an average of $40 million annually to develop mobile apps we use to shop, bank, departmental store and more.
However, only an average of 7% of this immense budget is spent on securing these apps against hackers and security breaches. 50% of companies have zero budget dedicated to securing their mobile apps.
How Secure are your Mobile apps?
- 75% Don’t use proper encryption when storing data on a mobile device.
- 98% Have access to private data without appropriate security measures.
- 78% Mobile security breaches will be the result of exploiting poorly developed mobile apps.
Types of Mobile Malware
A study showed 8 out of 10 malware instances were worms spready by USB Removable devices.
MCAffe antivirus found that 10% of mobile devices are infected more than 400 new threats every minute.
- Adware = Spyware that collects information about the user to relay to a third party for purchasing patterns. Usually disguised as a legitimate app.
- Bots= Applications that can run in background undetected. Can be quite sophisticated and adaptable May have capability to contact botmasters to execute commands.
- Trojans= Varying effects that can be mildly annoying or completely destructive. Usually are hidden and attached to applications that seem harmless. Ransomware is typically a member of this family of mobile malware. Can be quite sophisticated and adaptable
- Phishing= Website that are set up to entice users to enter, then steal credentials and personal information.
- Spyware= Monitors, logs, and shares information with remote servers on personal activity, text messages, e-mails, voice recordings, phone calls, contact lists, location, pictures, status etc.
The Ricks Behind the Apps
- Accesses device management and restricted security ApIs necessarily
- Accesses or requests super user permission
- Exploits operating system or zero-day vulnerabilities
- Roots or jailbreaks device
- Steals login credentials
- Communicates with known malicious IP addresses and domains
Moderate Risk Behaviors
- May be a risk if performed by apps from unknown or untrusted sources
- Reads and Sends e-mails
- Read and sends SMS messages
- Reads and sends GPS information
- Uploads user information without permission or without notifying user
- Includes SSL vulnerabilities that enable communications to be intercepted
- Installs boot time startup item
Mobile Security in the world statistics
- More than 69% of adults have had a mobile devices stolen or lost
- Yet 9/10 of people don’t use mobile security applications that could help them protect data when someone else has the device.
- 89% of those surveyed do not back up their phone data
- 78% of those surveyed do not use a screen lock or password to access their device
- Although 83% of us are aware of the increased security risk of public WiFi, 76% still connect to public networks
Mobility is changing the way we live and work
- Internet connected mobile devices are set to outnumber human
- 82% of employees store sensitive company data on mobile devices
- 89% of tablets used by mobile workers are personally owned
- Mobile works now carry on average 3 devices Laptop, Mobile and Tablet
- 63% of people check their mobile phone in the morning before getting up
- Half of the devices on corporate networks will be mobile devices by 2019
Which types of applications or systems present the highest security risk to your business?
- Customer facing web apps = 33%
- Mobile apps = 25%
- Desktop apps = 12%
- Embedded systems = 21%
- internally facing web apps = 9%
Ways to Block Mobile Attack
Don’t let your guard down just because you’re on a mobile device. Be just as careful as you would on a desktop!
. Don’t allow your device to auto-join unfamiliar networks
. Always turn off WiFi when you are’nt using it or don’t need it
. Never send sensitive information over WiFi unless you’re absolutely sure it’s secure networks
. Only use apps available in your device’s official store – Never download from a browser.
. Be wary of apps from unknown developers or those with limited/ bad reviews.
. Keep them updated to ensure they have the latest security.
. If they are no longer supported by your store, just delete it.
. Don’t grant administrator, or excessive privileges to apps unless you truly trust them.
. Watch out for ads, giveways and contests that seem too good to be true. Often these lead to phishing sites that appear to be legit.
. Pay close attention to URLs. these are harder to verify on mobile screens but it’s worth the effort.
. Never save your login information when you’re using a web browser.