In an era of smartphones and tablets, our information moves with us. We work on the move, bank on the move, shop on the move, and all our sensitive information comes along for the ride. Credit card data, banking data, usernames/passwords, location data, and private company information are stored on and accessible from mobile devices. If you’re not careful, criminals may take advantage of the lack of mobile security protection to gain access to the same data that is safely maintained on your computer.
What Are the Risks of Mobile Devices?
Perhaps the most obvious risk is simply losing your device. If it isn’t secured with a password, PIN, or other locking method, your data is readily available to the next person who picks it up. If you save important account credentials on your phone, the device becomes a gateway to all kinds of sensitive data. Even a PIN or password can be cracked if it’s easy to guess or if your device doesn’t limit the number of incorrect login attempts.
Other threats are less obvious, and you may be unintentionally exposing yourself to danger through normal use. From GPS to Wi-Fi to the very apps you download, cyber threats come from places you’re not expecting.
Geotagging: This involves using the location logging feature built into your device to track your movements. Some apps, like those for navigation, genuinely need location information, but others may be hoarding this geographic data to sell your movements to third parties without your knowledge or consent. Both Snapchat and the Flashlight app settled with the Federal Trade Commission for selling location information without the user’s knowledge or consent.
Geotagging can also threaten personal safety and privacy, especially for domestic abuse or stalking victims. Access to your tracker or automatic geotagging in apps like Facebook or Foursquare reveals your location to criminals, making a person vulnerable to robbery, stalking, and assault. It could also be accessed by law enforcement without your knowledge to track your movements for simply being close to a crime scene.
Unsecured Wi-Fi: “Wi-Fi Network available” seems to pop up every time we enter a building; however, just because Wi-Fi is available doesn’t mean it’s safe. Unsecured Wi-Fi networks may be convenient, but they leave you exposed to hackers who can compromise your device.
App Stores: Apps can carry malicious code that give hackers extensive access to your device’s data without you knowing it. According to McAfee’s 2016 Mobile Threat Report, a total of 37 million apps in legitimate app stores were found to either be suspicious or contain malware. It is vital to only give permissions for what the app genuinely needs to function. Check app reviews and avoid non-official apps if you are unsure of their legitimacy.
Poor Software: Developers may use weak encryption or have vulnerabilities that go unnoticed before the software’s release. Unfortunately for users, these threats are up to the developers to find and resolve, and the time it takes for such patches to be released can leave you and your data vulnerable. Make sure to also read the release notes for each update as previously integrated security features may be removed.
How to Protect Your Mobile Device
There are many simple ways to keep your phone or tablet safe.
- Always lock your phone with a secure password. Fingerprints are more unique and secure than normal passwords or pattern locks, and you should take advantage of this security capability when offered.
- Avoid opening emails or clicking unknown links that seem suspicious.
- Always know what permissions apps have to your device and avoid downloading apps not officially licensed by a reputable company.
- Use unsecured Wi-Fi sparingly (if at all), and when you do, do not access sensitive information like bank accounts or credit cards.
- Keep your operating system up-to-date since many updates provide new security patches to protect against an endless cycle of potential threats.
For coverage beyond the mobile device’s built-in security, you can also choose a third-party mobile security suite that protects your device. While some extensive security suites can impact speed and performance of your phone, others are streamlined and have little noticeable impact.
Professionals storing private company information on mobile devices may want to invest in stronger security. Luke Bragg, Senior Systems Administrator at Anderson Technologies, suggests company phones and tablets implement strong encryption software and an agent capable of wiping the device remotely in case of loss or theft. This will keep company data secure no matter where your device ends up.
With each new feature your mobile device offers, new threats emerge that can slip into your data unnoticed, but the cost of these conveniences doesn’t have to be high. Be aware of the dangers you can safeguard against and proactively take steps to reduce the risk or damage of those you can’t stop. You are your own best defense.