Name something that people carry everywhere, drop continuously and rely on to maintain relationships with others. Stumped? If you guessed mobile phones, you’re correct—they’re our most abused, loved and treasured devices—and with technology on the rise, more and more new high tech smartphones and tablets are being pushed onto the market faster than people can keep up with.
Just bought a new phone? Expect a bigger and better device to appear on the market two months later. While this fast-paced technology may be exciting in device capability, therein lies the problem.
Yes, new devices are nice and all, but they also create major vulnerability problems. Let’s be honest: most people who buy these phones don’t know what to do to secure them, especially when general users don’t know much about network or computer security at all. With new Bluetooth technologies and near-field communications, mobile phones actually have a lot more security risks than most people are aware.
When securing a mobile device like a tablet or phone, most of it has to do with security policy. Though that term may scare people (policy sounds something boring and work-related!), security policy simply is the term for the guidelines one follows when securing a device. Inadvertently installing untrusted apps that can control SMS/MMS, phone calls and can read into system files or settings are a big risk.
In an article on Mashable, reporter Karissa Bell speaks about the influx of “fake flappy bird” apps in the Android Market infecting thousands of Android devices. After the removal of the original app by the game’s creator Dong Nguyen, malware authors took to the Google Play marketplace to create “alternate versions” of the game for desperate players looking for the game. As a result, countless users’ phones have been infected with malware.
With all this new technology being released, people must stay vigilant in their security efforts. In an effort to educate people about strengthening their devices’ security, Bulb Security’s Georgia Weidman has created the Mobile Penetration Framework , a tool that allows users to access the security of their own smartphones in their environment just like modern penetration testing tools. Such efforts are beneficial for the average individual who doesn’t know much about security tools but still desires to protect their devices. At the end of the day, the most important thing for people to remember is the fact that mobile devices are just as vulnerable as “bigger” computers, such as PCs. Just because mobile devices may be smaller, the vulnerability risk does not shrink. Security must be employed at all times.