Mobile communications technology has moved on a long way from 1985 when comedian Ernie Wise made the first “public” mobile phone call in the UK from outside the Dicken’s Pub in St Catherine’s dock to Vodafone’s HQ. Today the vast majority of smart phones in your pocket have more computing power than the computers used by NASA for the Apollo 11 moon landing.
According to Statista the current number of smartphone users in the world, as of March 2021, is 3.8 billion and this means 48.33% of the world’s population now owns a smartphone.
Our entire life is contained in the small glass slab that’s in your pocket. From emails and private messages to photos and videos of your most treasured moments, it’s all there. However, you probably don’t spend anywhere near enough time making sure your phone is configured to protect your secrets as you should do.
Mobile security has been a commonly overlooked threat for years. Phone security in general is one of those things that, isn’t a problem until it is, and when it is, it’s usually a pretty major problem!
A mobile security threat is a means of cyber attack that targets mobile devices like smartphones and tablets. Similar to a hacking attack on a PC or enterprise server, a mobile security threat exploits vulnerabilities in mobile software, hardware, and network connections to enable malicious, unauthorised activities on the target device.
Get the basics right:
- Always pick a strong passcode or password, obviously, you should pick a passcode to lock your phone that can’t be guessed, even by someone who knows you. So, don’t use your birth year, your address and absolutely don’t use 0000 or 1234! Better yet, use a password or a passphrase. Make sure it’s one you don’t use anywhere else… a PIN or passcode is better than a pattern swipe.
- Always use a unique password for all your accounts, we’re going to repeat this one because it’s so important: NEVER reuse the passwords you use for your important accounts – especially your email accounts. Let’s say you’re one of the approximately one billion users who had your Yahoo account breached. If you’re using that same password for any other account, it may be vulnerable – even if you don’t even remember ever having a Yahoo account!
- Lock your apps. You have a password or PIN on your phone to stop people from getting inside it if it falls into the wrong hands, but sometimes it isn’t enough. There are times when you will want to hand your unlocked phone to the people around you – showing family or friends photos or giving it to your kids to play on.
- Use official apps and delete apps you’re not using. Instead of using a browser to access Facebook or Twitter, use the official apps for these sites, which have built-in encryption technology. Always shop in the official stores of your mobile platform and check reviews to make sure the apps you’re downloading are safe.
- Turn off your Wi-Fi and Bluetooth when you aren’t using them. Having both of these running all the time makes it easier to track you. Protect your privacy (and preserve your battery) by turning them off unless you know you’re actually using them.
- Hide leaky notifications. Travel isn’t really an option for lots of people right now but there’s nothing more mortifying than someone peering over your shoulder on public transport and seeing notifications pop up with the full message contained. It’s a feeling that’s also repeated when you’re sharing your screen with colleagues and a gossip-filled message about the meeting you’re in flashes up.
- Write down your new phone’s IMEI number, If your smartphone is stolen, the police will likely ask for your IMEI (International Mobile Station Equipment Identity) when you report it. It’s unique to your phone (or 3G/4G tablets) and you can normally find it on the box, battery or in the settings.
- Check for stalkerware. There’s been a troubling rise in stalkerware in 2020. On phones, stalkerware manifests itself as apps running in the background that can record and track everything a person does. The technology can appear invisible unless you go specifically looking for it and is a form of coercive control and tech-abuse. If someone has installed stalkerware on your device there are a few tell-tale signs it may be there. A phone may run hot and see its battery levels drop quickly.
- Encrypt everything. While your Android phone’s passcode protects your files and data from being accessed by someone trying to access your phone, it doesn’t always secure the data stored on your phone at a technical level. For this, you need to encrypt your device’s disk. Turning on encryption means that the files can’t be accessed by anyone trying to extract them from your device unless they have the passcode. “Encryption ensures that even if an unauthorised party tries to access the data, they won’t be able to read it. Apple iOS 8 and later versions are encrypted by default whenever the phone is locked with a passcode or Touch ID.
- Set up your photos and videos to back up automatically. Either use the service your mobile platform offers or a third-party, so you don’t have to worry about losing the contents of your device, which really are more valuable than the device itself.
- Set up remote wipe capabilities. This ability enables you to remove any data from your phone, even if you no longer have the physical phone itself. It’s a great safety feature in case your phone is lost and you can’t find it. The process to set up remote wipe differs by device.
- Put security software on all your mobile devices. Mobile Threat Detection (MTD) is designed to detect malware and potentially harmful mobile applications as well as mobile phishing attacks similar to Antivirus on your PC. Cybersecurity companies have been increasingly detecting stalkerware code through their MTD tools.
Finally, business owners should seriously consider the following systems to protect business data and ensure the devices accessing that data adhere to the business security polices.
- Mobile Device Management (MDM) provides security management of the device and enforces security policies.
- Mobile Application Management (MAM) lets you control your business data in your users’ personal devices, such as iPhones and Androids.