5 Mobile Security Threats That You Should Be Cautious of in 2018
Mobile Security is now an integral part of enterprise security. Mobile malware has become a thing to reckon with for individuals as well as for enterprises big and small.
With smartphones becoming a part of our day to day lives, we end up doing all kinds of transactions and communications using them. Similarly, for an enterprise today, mobile devices have become a major element of their business network itself. Employees now use all kinds of personal mobile devices to connect to work and access corporate data. This makes mobile security important, since there’s always a possibility that corporate data could get into wrong hands and thus cause irreparable damage to companies.
Thus, with mobile malware infections becoming a not so uncommon thing, here is a list of five major mobile security threats that you need to be cautious of in the coming year, 2018-
Various kinds of data leakage…
Data leakage should be seen as one of the most worrisome among mobile security threats. There are different kinds of data leakages, but the most notable one is that which happens due to users not being cautious about apps and app usage. Mobile application security should top the list of priorities for any individual user or enterprise. Other than the data leakage caused by callousness as regards app security, there are the leakages that happen due to other errors, like the ones that happen as the result of inadvertent pasting of confidential info at the wrong place, security issues that happen when company employees transfer enterprise files/data onto a public cloud storage service, leakages that happen when an email is wrongly sent to an unintended recipient etc. DLP (Data Loss Prevention) tools and MTD (Mobile Threat Defense) solutions need to be used to prevent such data leakage issues.
Threats arising out of physical device breaches
Physical device breaches have to be considered as a not so uncommon probability. Devices can get stolen or get lost and thus fall into wrong hands. If such stolen or lost devices don’t have strong PIN/password or if they don’t have full data encryption, such incidents could cause serious consequences. Some recent surveys seem to suggest that most personal devices used by employees to access enterprise data lack proper security measures including encryption; the survey results also seem to suggest that there are companies that go for shared passwords across the personal/work accounts that are accessed via personal mobile devices. Thus it becomes important that steps are taken to protect data from mobile security threats arising out of physical device breaches.
Threats caused by Wi-Fi networks
There are threats to mobile security that arise when people use their devices to connect to public Wi-Fi networks. On many such occas ions, our data wouldn’t be as secure as we think and there could be breaches happening when data is being transmitted. Survey results suggest that many corporate employees using personal devices for work-related purposes tend to use Wi-Fi networks much more than they use cellular network; most of them tend to connect using open and potentially insecure networks. In such cases, MITM (Man-in-the-Middle) attacks could happen rampantly and cause data leakage. The only solution is to ensure traffic encryption and to go for VPN (Virtual Private Network).
Mobile security threats caused by social engineering
Research and studies show that now mobile device users are getting more and more susceptible to phishing scams compared to those using desktops. Thus mobile security threats caused by social engineering deserve to be seen as a very important aspect of enterprise security and security of any internet user. Cyber criminals are now targeting mobile device users with all kinds of social engineering strategies.
Threats that occur due to devices that are not up to date
Mobile devices today don’t come with guarantees of timely, ongoing software updates. Android is complicating things, with many Android mobile device manufacturers being ineffective at keeping products up to date. This applies to the OS as well as the regular, monthly security patches; many devices are not even designed to get updates. Thus, devices that are not up to date could cause grave mobile security threats.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.