Mobile phones are actually just little computers you keep in your pockets – and this is also the way you have to look at them. Many people forget about security as an important factor concerning mobile phones. However, if you don’t look out, you risk that the same thing will happen as what happened to computer security in the 2000s: newer and newer viruses emerged, and manufacturers tried to fight them in vain – once they took down one, a new one came out. When people found out that this situation must be controlled, cybersecurity as one branch of IT started to develop. Today we will show you the 6+1 factors you need to consider if you want to ensure security not only on your computers but on your mobile devices as well.

1. Identifying and disarming mobile malware

Computer viruses are becoming smarter and smarter. Earlier we have written about Trojan viruses which are so good at concealing themselves that they usually come to light only when it’s too late. Mobile viruses are no different. Mobile viruses may be mass produced or even personalised as well. The latter choose their victims based on their behaviour.

The best solution against these malwares is the creation of a system which can trace real time viruses and devices. After that, with the help of Big Data and Machine Learning the system is able to filter out the patterns from which you can later predict the type of behaviour it reacts to and where it is likely to appear next.

2. Detecting and filtering rooted or jailbroken operating systems

Rooting is a common practice among Android users, since many people choose this solution in order to for example delete the default applications to make room for more memory. However, if the process falls into the wrong hands, it can cause much more harm, because by carrying out the rooting, the adversary obtains all rights of a given device. They can access every setting and all data. Jailbreaking is a similar process to this one, although it is mostly used for devices running on iOS.

In order to prevent such an attack, you would need to collect all data from the given device (including hardware data, the operating system and all settings). In the case of an attack that seems suspicious or the sudden change of one of the properties you have to compare the real time data to those that had been collected earlier. This way you can filter out suspicious activity more easily.

3. Filtering out sideloaded apps

Sideloading (meaning getting an application from a source that is different from the official app store) can cause serious problems for both the user and the company. Since devices running on Android allows the user to access applications from not trusted sources, if you don’t analyse the source code, you can never be sure if the application you just downloaded is real or contains malware.

Besides only downloading applications or app updates from official, trusted sources, you can also allow your employees to be a bit less rigid – but in that case you must check every single application by analysing the code and the source it comes from.

4. Identifying and disarming system-based man-in-the-middle attacks

There are Wi-Fi networks, typically at airports or hotel lobbies, which promise you Internet access if you accept the terms and conditions, and they are posing a big threat actually. What these terms and conditions contain is that for the Internet use, you give the service provider access to certain data on your device. These data are often confidential, and their leakage may threaten the business life of a company. And it may as well become the basis of a man-in-the-middle attack later. The point of such an attack is that it hijacks the communication of two parties by stating on both sides that it is the other party.

Unfortunately it is not always enough if you simply don’t join Wi-Fi networks which are not protected by a password. If you want complete security, then every time your device joins a new network, the system should review the terms and conditions, and compare it to one that had been evaluated and trusted before and whose parameters had been set to the right ones. That way you don’t have to be afraid of untrusted service providers accessing your confidential data.

5. Filtering out non-compliant (but non-malicious) apps

There are applications which cannot be clearly viewed as good or bad, but they fall into a strange internal area. These apps are usually ones which are not malicious in themselves, but they have access to data which a company would actually like to protect. The application also forwards the data. Such an application can be for example one which has access to all phone numbers and names on a given phone. The data on a CEO’s or a sales manager’s phone are actually quite sensitive; it wouldn’t be lucky if they got out.

In this case, the solution is if you make a list about the secure applications which can be downloaded to any device without consequences. You can also build a system within the company, in which you put the given devices under regular examinations in order to comply with company policy.

6. Ensuring MDM/EMM integration

It is very important that mobile security service providers ensure integrity with the biggest MDM/EEM providers. In Hungary you can find almost only MDM (Mobile Device Management) solutions. With the help of these you can basically control a mobile fleet from a distance: you can determine who can access what type of data, who can see company emails, etc.

The advantage of this is that the admins of the system can prepare the system for attacks that come from known viruses. And if a virus had popped up on one of the devices of an employee, the admin is able to identify and locate the threat posed on other devices, and can take the necessary steps.

In order to achieve this, you should choose a security service that can integrate well to the most common MDM and EMM solutions – that way, you can save a lot of time and money.

+1. Avoiding abuse during mobile usage

As technology advances, we have more and more opportunities to ensure that only we can have access to the data and features on our mobile device. Built-in fingerprint readers and face recognition can ensure us that our mobile is not being used by an unauthorized person. Of course, it is better to be cautious as malicious tricks can cause security risks - for example a hacker can bypass the face recognition by showing a photo or mask made of us. It is a good solution if our mobile device is constantly being monitored, our habits are supervised by automations and in case of unusual operations we get a notification immediately.  Additionally, two-step authorization processes are becoming more popular which eliminate potential abuses in high percentage.

As you can see, the question of mobile security is not simpler than the cybersecurity of actual computers. If you follow the appropriate regulations, and you use your devices complying with legislation, you can minimise the chance of a virus.

Source: Lookout