Why mobile device security matters

There’s an old internet myth that Mac computers don’t get viruses. In reality, this was only partly true when there were fewer Macs. Today, any sufficiently popular device is vulnerable to viruses, spyware, and other malware – and this includes mobile devices.

With many individuals using mobile devices to access business networks, mobile device security matters more now than ever. By learning about mobile malware and understanding how it spreads, we can behave in a way that shores up security, and keeps both our personal and business data safe.

The problem with mobile devices

Mobile devices are a ubiquitous part of most people’s lives, and an increasingly intrusive one. While some people use their phones primarily to contact people, for many they are now surrogate laptops. We fill them with private data such as photos, notes and messages, use our payment details for online shopping, and even do our banking remotely.

This treasure trove of data makes them a tempting target for any hacker. Whereas the most common targets used to be desktop or laptop computers, the increasing use of emails, messaging apps and other common avenues for sending malicious files has made them a more common target. What’s more, we often don’t apply the same scrutiny to things that we do on a larger screen, such as who an email is from, or where a link is redirecting us to.

Mobile devices are also dangerous as they often connect to various other devices. Where a desktop computer will generally be wired into one network, a mobile device may connect to multiple networks as you pass near them, and even connect to local devices via Bluetooth. This range of access points increases the risk of your device being illegally accessed, and files being passed from one device to another.

What are the main risks to mobile devices?

Mobile devices are subject to different risks than traditional computers, and require a different approach to data security. With many mobile devices being used for both personal and business matters, the potential damages are doubled. If you have been supplied with a mobile device for work, it is important that you take the right steps to keep up security.

Types of security risks associated with mobile devices include:

Theft or loss of the device. Probably the most obvious threat, any lost devices will have a monetary cost for the replacement of the device.
Unauthorised access to data. Mobile devices used for work are likely to contain or have access to confidential data. In the wrong hands, this will cause a security breach.
Network intrusion. Not only can a compromised mobile device provide an attacker with data, it can also provide an entry point for the attacker to penetrate further into the company network, sending out phishing emails and accessing data on the network.
Identity theft. With a stolen mobile device, an attacker could use your information and even call or send emails from your number or address. They could use this to scam your colleagues or customers.

How can mobile devices pose a security risk?

Mobile devices can allow attackers to gain access to confidential data in a number of ways:

Unauthorised access. Mobile devices can be stolen or accidentally left behind, and then accessed by an attacker.
Mobile devices are just as likely to be infected with malicious programs as the desktops in the office – and in fact can be even more vulnerable due to threats from outside the company network.
Shoulder surfing. When confidential information is accessed outside the workplace on mobile devices, it is vulnerable to being viewed by unauthorised people.
Network surveillance on public Wi-Fi.

How to protect your devices from loss and theft

While mobile devices can be compromised remotely, the most common form of data theft is through physical access to a device. Unsecured or poorly secured devices give criminals the opportunity to steal data or install malware, which could continue to capture and relay information even if you get your device back.

This is why these precautions are important:

Never leave your devices unattended in public places. Even if your device is protected by a password, with physical access a criminal could still steal data or install malware if they have the device in their control.
Protect all your devices with a strong password. This helps make it harder for attackers to gain access. You could also use biometric authentication such as a fingerprint or face scanner, although these methods can be spoofed.
Always log out of your devices when you are not using them. This is especially important with laptops and tablets that you don’t carry around with you.

How to protect mobile devices from malware

No device is safe from malware, and in some cases, mobile devices may even be less safe than computers. Mobile browsers can be more vulnerable to malware downloaded from browsing insecure websites, and the wide variety of phones (particularly Androids) means that security updates aren’t always timely, or available at all after a certain point.

As such, the following tips are extremely important to protect mobile devices from malware:

Install operating system updates as soon as they are available. Software updates contain security patches that fix known vulnerabilities which malware could exploit to infect your device.
Ensure you have up-to-date antivirus. This is especially important on laptops with Windows or MacOS operating systems.
Only install applications from official app stores. On mobile phones and tablets, you should only ever install applications from Google Play, Apple App Store or other official application stores, as these stores check apps for malware.

How to protect mobile devices from shoulder surfing

Having your device stolen or accessed remotely isn’t the only risk. Just like using a cash machine or card reader, ‘shoulder surfing’ can compromise your login details, and leave private information vulnerable to being seen and stolen. As such, try to stick to the following:

Avoid viewing sensitive or confidential data in public whenever possible. It is best to avoid accessing private information in public places if at all possible.
If you have to view sensitive or confidential data, think about who might be able to see it. Try to position yourself so that it is hard for bystanders to see your screen.
Get a privacy filter for your device. A privacy filter on the screen of your device will limit the viewing angles of the screen and make it harder for bystanders to see what is on your screen.

Being informed of mobile device risks and taking the right precautions is the first step to a more secure workplace. To start formulating a comprehensive security strategy – including advanced encryption, vulnerability scanning and data backups – contact Sota today.

Insights

View all

Blog What to Consider When Picking Your VoIP Provider

Blog 5 Advantages of Cyber Essentials Plus Certification

Blog AI Threats: Taking a closer look into Deepfake Attacks

Insight Cyber Essentials and ISO 27001: Reviewing Security Accreditations

Insight KPSN Replacement Broadband Service

Blog Wired and Wireless: The Backbone of Connectivity

Blog The Benefits of Microsoft SharePoint

Blog The growing threat of AI-driven phishing attacks

Blog How to achieve seamless IT installations

Blog How dedicated IT support services make businesses more efficient

Blog Driving your business into the future with Teams and Skype

Blog 6 key benefits of high availability solutions

Blog The business benefits of IT colocation services

Blog The benefits of a 24/7 global service desk for uninterrupted IT support

Insight The surprising benefits of wired internet for businesses

Blog The business benefits of Microsoft 365

Blog 5 project management techniques for successful IT projects

Blog The business benefits of using Private Ethernet

Blog How to safeguard your data with GDPR and ISO 27001 accreditation

Blog The crucial role of data protection in businesses

Insight Windows Server 2012 end of support and migration options

Blog What are the benefits of hiring IT consulting services?

Blog How your IT department can benefit from third party support

Blog 5 cybersecurity threats to watch out for

Blog What’s the difference between Cyber Essentials and Cyber Essentials Plus?

Blog 5 important business benefits of VoIP

Insight 5 business benefits of fibre connectivity

Blog How the green cloud is making IT more sustainable

Blog How Microsoft keeps cloud data secure

Blog The key benefits of using Microsoft 365

Blog 4 key business benefits of cloud computing

Blog 5 major benefits of IT consultancy services

Blog Cyber Essentials update: what you need to know

News Microsoft 365 price increase explained

Blog 3 common colocation myths busted

Blog What is session hijacking, and how can I protect against it?

Events Data centre tours

Insight Education People Show 2022

Insight How to build a successful colocation strategy

Insight What happens to your data centre in a blackout?

Insight 5 business cyber security tips for Christmas

Blog Why businesses are switching to Microsoft Azure

Blog Migrating to the cloud in 10 simple steps

Blog How to pick a data centre with the Tier Classification System

Blog 5 green computing ideas to revolutionise your organisation

Blog Why Microsoft Teams is the best way to collaborate online

Blog How ISO 27001 can protect your business’s information

Insight Sota sponsors Monte Carlo Madness

Insight How to keep your devices safe from malware

Insight How you can help mitigate third party breaches

Insight How to implement secure file sharing for your business

Insight How to enlist employees to fight cyber threats

Blog How to avoid being infected with spyware and adware

Blog The best video conferencing apps for businesses

Blog What does a Clear Desk Policy involve, and what threats does it help counter?

Blog How to avoid malicious websites & applications

Blog How to protect your home network from online threats

Blog What is the dark web (and how can I stay safe on it)?

Insight Azure explained: what is it and why do you need it?

Insight 4 simple tips to protect your online privacy

Insight SotaVoice video

Insight What is a virtual private network (VPN)?

News SotaConnect video

Insight SotaProtect Security video

Insight How to make remote working more cyber secure

Insight SotaProtect Backup video

Insight How to stay safe from cyber crime

Blog What does BYOD mean, and what security risks does it involve?

Insight SotaCloud video

Blog What’s the difference between information and data?

Insight SotaSupport video

Blog 5 reasons your business needs unified communications

Blog 4 top tips to pass your Cyber Essentials accreditation

News Sota rebrands Educa

Insight Sota promo video

Blog How to fix common laptop problems

Blog What is the UK Data Protection Act, and how does it affect your business?

Blog What is IVR phishing, and how can I avoid it?

Blog Where is data stored, and what is a data breach?

Blog Best practices for email and internet security

Insight How to ensure your cloud computing is legally compliant

Insight What is GDPR, and why does it matter for businesses?

Blog What is PCI DSS and how does it affect you and your organisation?

Blog Social engineering attacks: what they are and how to prevent them

Blog How to handle your organisation’s data and information policy

Blog Why software updates are so important (and how to install them)

Blog How to keep your business safe from ransomware attacks

Blog The best security practices for removable devices and media

Blog What is a denial of service attack, and how can I prevent it?

Blog Why having strong passwords really matters

Blog Why mobile device security matters

Blog How to choose the right IT services provider

Insight How to use social media safely (for individuals and businesses)

Blog How to: safeguard your data

Blog What is: Cyber Essentials Accreditation

Blog The real risk of remote working

Insight Cyber security breakfast

News Sota during COVID-19

News Sota launches new corporate identity

Blog Don’t let disaster affect your business

Blog The cyber threat to SME’s