When I question people of what type of security software they have on their phone, it turns into an ah-ha type moment. “What software?” Then I follow-up with my next question, do you use your phone for banking? Typical answer is yes. When it comes to our desktops and laptops, no one would imagine NOT having some sort of security platform installed. So why do we have this attitude towards our phones?
Consider this statement from Webroot’s 2016 Threat Brief…
By the end of 2015, 52% of all new and updated Android apps were determined to be unwanted or malicious, while only 18% were benign. This is a striking change from the beginning of 2014, when only 21% of new and updated apps were found to be unwanted or malicious, and 27% were classified as benign.
iPhone users often believe that security isn’t necessary since this only happens to PC and Android users. If you are on a phishing site and you enter your banking credentials, does it really matter what platform you are on? Apple users need to review my blog on this.
Threats have more than doubled and our response hasn’t matched.
Here is my list of ways to rethink your smartphone:
1. Think of your Smartphone as a Computer
If we think it’s a computer, then we will treat it like one and do the necessary best practices that we do with our desktop and laptop such as encrypting your device, better and longer passwords and update/patch management to name a few.
2. Install a Security App
There are many free and paid versions. I prefer Webroot’s suite of products due to their cloud based architecture and light system resources. http://www.webroot.com/us/en/home/products/mobile/ Choose a product that has lost device protection, anti-phishing/safe web browsing and the ability to wipe data if you have sensitive information.
3. BYOD Considerations
As more organizations implement or revise their BYOD (Bring Your Own Device) policies, expect more scrutiny towards the phone you bring into the office network. If your phone is jailbroken or rooted, expect that device to be banned from accessing your company network. WatchGuard’s firewall software and wireless access point devices now do exactly just that, prevent unsafe wireless devices from accessing the network.
4. Assume that you can be monitored and no conversation is safe.
The recent 60 Minutes segment illustrates how just knowing your cell number is enough to hack you and listen in.
Recently BlackBerry CEO John Chen was in the news regarding his involvement in an RCMP probe. I do agree that we do need to assist law enforcement when called, however the controversy here as the article states “It would mean that police enjoyed years of access to Canadians’ personal cellphones without the public being any the wiser,”
Even though John Chen mentioned there are no back doors in the network, does it really matter since certain governments have the keys to the front?
I doubt that the majority of us would ever be a target for monitored conversations but at least we know from recent news, our communications are not as secure as we believe them to be.
The biggest takeaway is to ensure that you implement all possible safeguards around your phone. The recent Apple vs FBI battle about encryption has been a cause of concern for many tech companies and a good example of that is the recent move by WhatsApp implementing end to end encryption in their communications. As threats continue to the rise, the emergence of ApplePay and other mobile payment platforms that will change our shopping behaviors, we also need to look and change our behaviors on how we look at security on our smartphone.
BIT helps organizations with wireless deployments and implementing BYOD policies. Contact us for more information.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net