LANSING – By
2017, the number of smartphone users in the United States is expected to
surpass 200 million, nearly 65 percent of the population. Negotiating security
in the face of an ever growing implementation of mobile devices presents
serious challenges for organizations. Risks include the growth of Bring Your
Own Device (coupled with a lack of security controls for these devices), loss
or theft of devices, and the proliferation of mobile malware.
Users need
to understand the risks and the steps they can take to minimize them,
particularly as cybercriminals often use employees as the entry point into an
organization’s network.
Below are some
key actions users can take to help minimize the likelihood of a successful
cyberattack offered by the Multi-State Information Sharing & Analysis
Center.
Regularly
update your device
Mobile
malware increased 75 percent in 2014 from 2013, and further increases in
malware are expected in 2015, particularly in mobile ransomware. Updated operating
systems and security software are critical in protecting against emerging
threats.
Enable
encryption
Enabling
encryption on your smartphone is one of the best ways to safeguard information
stored on the device, thwarting unauthorized access.
Use a
passcode
In case your
phone ever does fall into the wrong hands, don’t make it easy for someone to
access all your important information! Enable strong password protection on
your device and include a timeout requiring authentication after a period of
inactivity. Secure the smartphone with a unique password not the default one it
came with. Do not share your password with others.
Do not use
public Wi-Fi
Do not log
into accounts and do not conduct any sensitive transactions, such as shopping
or banking, while using public Wi-Fi.
Disable the automatically connect to Wi-Fi setting on your device.
Install
applications from trusted sources. Last fall, Gartner issued a prediction that
more than 75 percent of mobile applications will fail basic security tests
through 2015. When downloading apps, be proactive and make sure that you read the
privacy statement, review permissions, check the app reviews and look online to
see if any security company has identified the app as malicious.
Install a
phone locator/remote erase app
Misplacing your
device doesn’t have to be a catastrophe if it has a locater app. Many such apps
allow you to log on to another computer and see on a map exactly where the
device is. Remote erase apps allow you to remotely wipe data from your device,
helping minimize unauthorized access to your information in the event you
cannot locate the device.
Disable
unwanted services when not in use
Bluetooth
and Near Field Capabilities can provide an easy way for an unauthorized
user nearby to gain access to your data. Turn these features off when they are
not required.
Carefully
dispose of mobile devices
With the
constant changes in the smartphone market, many users frequently upgrade to new
devices. Make sure you wipe the information from your smartphone before disposal.
For information on how to do this, check the website of your mobile provider or
the manufacturer.
The MS-ISAC
is the focal point for cyber threat prevention, protection, response and
recovery for the nation’s state, local, tribal, and territorial governments. The
MS-ISAC 24×7 cyber security operations center provides real-time network
monitoring, early cyber threat warnings and advisories, vulnerability
identification and mitigation and incident response.
