Secure IT Support and Services

Assured For All Our Clients.

Top Tips :

Mobile Device Security Top Tips

Summary

A few pointers mobile device security top tips to ensure that your mobile devices are safe from prying eyes and data thieves.

Content

While the recent mobile device security exploits highlighted voicemail security, it is also good practice to consider the following potential issues with mobile device security, most of which arise from the fact that our mobile devices are now more akin to portable computers with a built in modem, but without the rudimentary security controls that we take for granted on our corporate PC’s and IT systems;

1 The encryption used to secure communications between the phones and the access points (APN’s) provided by Vodafone et. al. is known to be “crackable”. However this needs a high degree of opportunity (you need to be close to your intended victim) and skill to achieve. Top tip for mobile device security here is not to worry too much about it unless you are at risk from organised crime etc.
2. You can be traced by the GPS signal on your phone, again the risk of local phone hacking once someone knows your location using GPS is low. Top tip for mobile device security here is not to worry too much about it unless you are at risk from organised crime etc.
3. Bluetooth hacking on certain phones, resulting in people manipulating phone settings, number in memory and dialling number using the compromised devices. Top tip for mobile device security here is to make sure that your mobile device is not susceptible to bluetooth attack, or disable bluetooth if you are in “hostile” environments.
4. Wi-Fi hacking for users who have either connected to open networks or those networks which have poor encryption. Top tip for mobile device security here is to make sure you dont connect to unsecured or WEP encrypted wireless network. Turn off wireless unless you really need when in “hostile” environments.
5. Honey Pot Attacks – this is where unscrupulous hackers set up a WiFi access point which has a network sniffer set up and configured to record all traffic passing over it, including passwords, emails, and other non-encrypted network sessions. Top tip for mobile device security here is to make sure you dont connect to unsecured or WEP encrypted wireless network. Turn off wireless unless you really need when in “hostile” environments. Also make sure that email settings etc. are set to use encrypted protocols where possible.
6. Many mobile phones use email sessions that does not use secure protocols that are options as part of most email provider configurations. It is then relatively simple to intercept network sessions on badly configured wifi networks, potentially resulting in unauthorised disclosure of personal or business information assets. Top tip for mobile device security here is to make sure you dont connect to unsecured or WEP encrypted wireless network. Turn off wireless unless you really need when in “hostile” environments. Also make sure that email settings etc. are set to use encrypted protocols where possible.

However, losing your phone and not encrypting the data on it is the biggest risk, if you don’t take sensible precautions such as encrypting your phone and setting it to wipe on unsuccessful decryption attempts, then it would not take long for data on a lost or stolen device to be in the hands of criminals, business competitors or other threat sources.

Submitted

July 23, 2011

Home | Back