Protecting the Mobile Gateway
by Joshua Silberman, IT/Cyber Security Consultant, MGO Technology Group
Today’s world is more connected than ever. Not only are users sharing more information across the Internet than at any other time in history, they are doing so with a variety of devices available to the public. That’s hundreds of devices available for a user to connect and conduct various facets of their lives in a convenient and productive way. It also means thousands of potential vulnerabilities that nefarious actors can exploit. Mobile devices represent the newest threat to user security as more and more of our digital lives are accessed via these handheld computers. Given the popularity of these devices, it’s not surprising that hackers have turned their attention to how they can exploit vulnerabilities for personal gain.
Because mobile devices are often used outside of a regulated environment, such as an office or private network, they can be susceptible to attacks over public networks that purposely do not restrict access. Despite these inherent vulnerabilities, there are several steps you can take on your handset to help ensure that your device remains secure. Though this list is not all-encompassing, it will provide a handy guide to make sure your mobile environment remains a safe and reliable tool for you to use.
1. Keep your apps and operating system up-to-date
Updates will apply the most recent security patches to both your apps and operating system which is why you should apply the updates as soon as you see the notification from your phone. For an extra layer of protection you should consider allowing your apps to auto-update while the device is connected to WiFi.
2. Keep access secure
Always use a PIN, Passcode, or some form of Biometric Authentication to access your phone. No one, not even you, should be able to pick up your phone and access it without some form of verification. Though passcodes are still the strongest form of a security on a mobile device, you can provide an adequate layer of security by applying both Biometrics, such as a fingerprint or eye scan, and a backup pattern or PIN.
3. Limit points of access
When you are not using these features, you should turn off WiFi, Bluetooth, and the Near Field Communication (NFC) receiver. The less active access points available on your phone, the less likely someone will be able to exploit them. This doesn’t mean you should never use them. However, shutting them off when you are not using them not only lowers your attack surface, it’s healthier for the device’s battery. Many headsets also now include software that allows you automate turning these settings on and off with a single voice command. Try to make use of these tools to find the most efficient balance for your own lifestyle.
4. Mind your connections
Much like you would think twice about going to places where you may have doubts about safety, so should you be mindful about who and what you allow your phone to connect with. ONLY allow connections and access to devices, individuals, and apps you know you can trust. his includes only downloading apps from a trusted source such as the Google Play or Apple Apps Store. Additionally, be wary of any apps that request admin level permissions in order to function. Is having that one face filter really worth giving an app access to ALL of your friend’s contact information?
5. Keep the device tidy
Occasionally you should inventory the apps on your device and decide if you still actively use them. Deleting unused apps has an array of benefits, which include freeing up storage and processing power, reducing background usage, and reducing possible attack vectors from apps that are no longer updated by the developer. Most handsets now come with tools to allow you to list your apps based on the last time they were used. This can help you narrow down those that should be removed first.
6. NEVER jailbreak your phone
As temping as some might make it sound you should never ‘root’ or ‘jailbreak’ your phone if you wish to keep it secure. Doing so removes many of the protections that handset makers often put in place to prevent incompatible programs from interfering with the phone’s basic functions. Jailbreaking your phone removes these protections while also taking your operating system out of the regular update cycle. Jailbreaking your phone may also have the effect of voiding it for many Bring Your Own Device (BYOD) programs run by professional organizations.
To learn more about cyber and information security, for you and your organization, schedule a consultation with the experts at MGO Technology Group.