These easy steps will secure your mobile devices
Cybersecurity experts revealed a shocking statistic recently. Malware attacks had amplified by an astonishing 500% during the opening months of 2022. This is particularly concerning considering many people still haven’t taken any steps to safeguard their smartphones.
For years now, the power of mobile phones has grown exponentially, to the point where they can do many of the same things as a computer. Despite this fact, people have been known to take better security measures with their computers than they do safeguarding their smartphones. This is surprising, given that both devices are equally vulnerable and valuable to both hackers and the end users!
It’s time to address this behavior and consider mobile devices are just as important, if not more so than the PCs we use every day. As of now, a staggering 60% of digital fraud happens through mobile devices, making them hazardous when you don’t take the necessary precautions. Fortunately, many of these protective measures are simply the same ones we use for our computers.
How to easily Improve the Security of Your Mobile Devices
Don’t Download Random Apps from Unknown Sources
Have you ever heard the phrase “there is no such thing as free Lunch?” Well, this is also true with applications. Why would someone spend time to make a game that will provide hours of entertainment for you, and have it cost nothing? Because, they will either send you ads, ask you to buy something, or steal your information. NEVER download applications to your phone from anything outside of the official application stores.
Trusted app stores include places like:
- Apple App Store
- Google Play
- The Microsoft Store
- Amazon Appstore
To ensure your phone’s safety, it’s essential to do some online research about the app developer before downloading. Make sure they have a reliable reputation, as bad applications can infect your device with malware that may stay even after deleting them.
Even from the official store, often times, the approval process of getting these apps misses software that sideloads malware. Just know that there is an inherent danger downloading applications to your phone. Keep in mind the things you do on your mobile device; you access all of your emails, all of your contacts, your bank, your pictures, and your MFA is configured on your phone, which is typically what you use to authenticate all of your other services. If it’s not an application you NEED, I would recommend just bypassing it all-together.
Use a Strong Password and Two-Factor Authentication
Protecting your mobile device from potential hackers is an absolute must. To ensure optimal security, make sure to utilize a robust password that cannot be easily guessed, and if possible, enable two-factor authentication (2FA), for additional safety measures. I always recommend setting up some form of biometric that is secure. This can be a fingerprint reader and/or, Apple FaceID. Pin codes are typically hard to guess, however unlock patterns are much easier!
Wonder How a Pattern Can Be Guessed?
Do this experiment: Take your finger and slide it in a pattern that is typical of the unlock pattern that would be used on a phone. Now take your phone and look at it sideways in the light. You will see your pattern is clearly visible from the grease on your finger across the screen. If your phone falls into the wrong hands, they could easily view this pattern and unlock your device. I always recommend to use a pin or a password in conjunction with biometrics.
Pay Attention to Permissions When Installing Applications
When you are installing an application on any Android or iOS device, you will need to grant the application access to certain parts of the device. For example: If it’s a camera application, odds are that it will need access to your storage, and maybe even your location, since often times pictures are geotagged. However, if the same application requests access to your Contacts, call logs, or SMS, then it should raise red flags. Only provide applications with permissions that it needs to run, and nothing extra. You can go into the permission manager on your mobile device, edit these settings, and take away unnecessary permissions.
Use Mobile Anti-malware
Don’t forget to protect your mobile phone with antivirus/anti-malware! Malicious software can easily infest smartphones and tablets, so make sure you have a dependable anti-malware app installed. Again, it is extremely important to only use software from reputable developers, or you can potentially download an “antivirus” that actually sideloads malware on your mobile device.
Don’t Assume Email is Safe
Although it is much more convenient, people should not assume that checking email on their phone is any safer than using a computer. Unexpected and suspicious emails can easily be disguised to look legitimate, so always be cautious before clicking on any links. If you’re unsure about the safety of a particular link, open the email on your computer instead, using a sandbox.
Beware of SMS Phishing (aka “Smishing”)
In March 2022, an unprecedented surge of text spam was observed; this figure was 30% higher than robocalls. Dubbed as “smishing”, it is the SMS version of phishing, wherein malicious links are sent that may lead to your device being hacked when clicked. In some cases, smishers will also ask you to reply back with personal information, which can be used for fraudulent activities.
Pay close attention to any text messages that seem suspicious or don’t make sense, such as an unexpected shipping notification. Also, be wary of texts from unidentified sources, since phishing via SMS is becoming more and more common – unfortunately many people are still unaware of this evolving scam so they can easily become victims.
Remove Old Apps You No Longer User
With over 2.6 million apps not being updated for a year or more, the possibility of hackers exploiting their vulnerabilities is alarmingly high. Unfortunately, some developers tend to abandon their applications; leaving your device exposed and vulnerable without you even knowing it! To guard yourself against potential breaches in security, go through all devices on hand and clear out any unused apps that have remained untouched for an extended period of time – there’s simply no excuse to keep them around!
Additionally, always pay attention to the last time an app was updated; if it’s been more than a year, consider replacing that app with something newer. App updates typically include crucial security-related components – which is why it’s not advisable for a period of one year or longer to pass without any form of update from the developer.
Keep Your Device Updated
Staying up-to-date with your device’s OS is necessary for optimal security. Are you running the newest version of Android or iOS? If not, you risk creating weaknesses that hackers can exploit to compromise your data. Automating updates should be a priority if possible; particularly when managing multiple devices as part of a business plan. It would then make sense to include phones on an IT services package. These services are typically offered as Endpoint Protection that includes protecting your mobile devices. If you are currently using a Managed Security Service Provider (MSSP) make sure you ask about protection of your mobile endpoints. If your company does not currently have a reliable technology partner, checkout AlphaCIS to see how they can help secure your business endpoints.
You STILL Have to Use VPN
Unfortunately, when it comes to public Wi-Fi, you STILL have to use a VPN service. While most people are aware of the risks associated with public Wi-Fi, they still connect to it due to various reasons. Perhaps you’re concerned about exhausting your data plan allotment or you have encountered a slow mobile carrier reception. Nevertheless, these explanations do not justify connecting to unsecured public hot spots, and one should absolutely be vigilant when doing so.
If you’re looking to surf public Wi-Fi securely and without worry, then a Virtual Private Network (VPN) is your saving grace! VPNs stand guard between your device and the internet. It acts as an encrypted tunnel that routes all of your data through a secure server, keeping it out of reach from any malicious “eyes” lurking on open networks. Investing in this security measure will provide you with greater peace-of-mind when surfing online in public.
Mobile Security Solutions to Prevent a Data Breach
If your business relies heavily on BYOD (Bring Your Own Device), (employees using iPads and other mobile devices to perform their work on), or you are trying to meet a compliance standard, reach out to AlphaCIS, a Managed IT Services Provider (MSP) and a Managed Security Services Provider (MSSP) to see how they can help secure your endpoints. Remember, it’s much cheaper to prevent a breach than to mitigate one after it happens.
Dmitriy Teplinskiy
I have worked in the IT industry for 15+ years. During this time I have consulted clients in accounting and finance, manufacturing, automotive and boating, retail and everything in between. My background is in Networking and Cybersecurity