Latest questions:
Trending questions:
Hot questions:
Mobile protection
Due to the increased popularity of smartphones and tablets, these are more and more popular targets for cyber-criminals. These small devices now act as computers, huge amount of personal and business data is available.
New types of threats pop up, e.g. fake networks, malicious apps, smishing, vishing, access to unknown wifi net, etc.
Which are the main threats you had to face or just identified?
Which basic security tips you set up?
6 answers
Since tablets are mainly used for accessing the cloud, we don't and don't have client put data on them, especially sensitive data. The threats are extremely rare compared to PCs that is isn't a concern. I would not suggest any app that keeps a local copy of data on them.
Few of the basic tips are -
1) Always update your OS ( be with the latest)
2) Never install untrusted apps ( Where you are not very sure about the publisher).
3) Never allow permission to all the apps to sync your data to their servers or cloud. That is fatal.
4) Never store sensitive data on your phone (Credit card pics, document pics, etc )
5) Keep changing the locking password of your phone.
8) Beware of the apps those who are asking too many permissions.
Agreed with keeping important data in the cloud and not locally on a device. Two other things to consider, dependent upon the business case:
- virtual desktops (or RDS)
- two factor authentication, as done by many financial institutions today....username/password not sufficient to get to application or data, need to also Authenticate via code text to phone
Pablo, our firm does use 2FA (two-factor authentication) via a 3rd party authenticator (eg think Microsoft or Google).
i worked for a virtual desktop company, since acquired by VMWare, whose product we used internally...very functional. Market acceptance was minor since it was a change, similar to the still-there cloud resistance in the channel.
Biggest threat is personal data breach which includes your calls, texts, pics, emails, apps you use etc. It is not that difficult for a pro hacker to exploit device using apps as developers hardly focus on SSDLC, and more on the quality and look.
And now we are using IoT devices at home, office, hospitals and controlling them with our mobile app, it is really a big concern for everyone.
Best precaution I can think of currently is using security on top of OS and checking the permissions before installing any app. We should always keep our data on cloud rather than local device. There should be some strict security guidelines that developers should follow before launching their app on stores.