Security in mobile devices
MOBILE DEVICE SECURITY
Mobile device security involves protecting mobile devices such as smartphones and tablets from threats and vulnerabilities that can compromise data integrity, confidentiality, and availability.
Some Common Attacks:
Phishing
Phishing the number one mobile security threat, is a scamming attempt to steal users’ credentials or sensitive data, such as credit card numbers. Fraudsters send users emails or short message service (SMS) messages (commonly known as text messages) designed to look as though they’re coming from a legitimate source, using fake hyperlinks.
Malware and ransomware
Mobile malware is undetected software, such as a malicious app or spyware, created to damage, disrupt or gain illegitimate access to a client, computer, server or computer network. Ransomware, a form of malware, threatens to destroy or withhold a victim’s data or files unless a ransom is paid to decrypt files and restore access.
Unsecured Wifi
Unsecured wifi hotspots without a virtual private network (VPN) make mobile devices more vulnerable to cyberattack.
Excessive App Permission
Mobile apps have the power to compromise data privacy through excessive app permissions. App permissions determine an app’s functionality and access to a user’s device and features, such as its microphone and camera. Some apps are riskier than others. Some can be compromised, and sensitive data can be funneled through to untrustworthy third parties.
Mitigation Techniques:
Device Encryption:
- Encrypts data stored on the device to protect it from unauthorized access.
Authentication and Access Control:
- Controls who can access the device and its data.
Mobile Device Management (MDM):
- Allows organizations to manage and secure mobile devices used by employees.
Application Security:
- Ensures that apps running on the device are secure and do not pose a threat.
Network Security:
- Protects data transmitted over networks.