Mobile device security Practical advice on how to keep your mobile device and the data on it safe
Air, water, food… mobile devices Mobile devices are now an integral part of our lives
“If a smartphone lives up to what it should be then it is something, as human beings, we will have an emotional relationship with because it's there all the time, it's our window on the world, it's our mouthpiece, it's everything we are and have. ‘My life is in there’ you hear people scream.” – Stephen Fry My life is in there
So how did we get here? Mobile devices are developing quicker than ever before: 1 st cell phone call st person-to- person SMS message st internet use on a cell phone st Windows tablet PC launched st BlackBerry launched st iPhone launched st Android OS launched between 1 st cell phone call and 1 st SMS years 6 between 1 st SMS and 1 st internet use on a cell phone years 1 year between 1st iPhone and 1st Android OS
Blurring the home-work boundaries Accessing personal websites from work devices Reading work s on personal devices Accessing corporate systems outside the office Whoever owns the device, with smartphones and tablets the boundaries between personal and work use merge.
Work from any location Work at any time Reduced operating costs People prefer them Greater productivity Greater flexibility Increased response times Happier staff The benefits of mobile devices at work
Lost or stolen devices Mobile malware (e.g. viruses) Data loss Financial theft But it’s not all good news Which in turn lead to: Mobile security risks include: Lost or stolen devices Mobile malware (e.g. viruses) Data loss Financial theft
Lost or stolen devices Unattended device Unauthorized access Data theft
Mobile malware 2010: Google removed banking malware that had gathered information on more than 1m Android users 2011: Zeus malware for Android steals financial data But it will be come a major threat in the future. Mobile malware (e.g. malicious apps, Trojans etc.) is still in its infancy. But it does exist and the focus is on data theft:
Data = £ $ € ¥ Criminals can convert data to money in many different ways: Bank details Steal money Make fraudulent purchases Sell to other criminals addresses Sell to spammers Personal identities Make fraudulent purchases Sell to other criminals Company data Blackmail Sell to other parties Steal money Make fraudulent purchases Sell to other criminals Sell to spammers Make fraudulent purchases Sell to other criminals Blackmail Sell to other parties
Your contacts? Your work s? Your bank account? Your online store accounts? Your company’s data? Your holiday plans? Your photos? Your contacts? Your work s? Your bank account? Your online store accounts? Your company’s data? Your holiday plans? Your photos? How secure are your devices? If your personal or work devices fell into the wrong hands, what could people access?
How to secure your mobile... and your life As a basic rule, consider your device like your computer
For individuals Secure your device Always lock it Apply a complex passcode Shield your passcode Apply the latest patches Prevent malware infection Don’t click on unsolicited links Think before downloading apps Be data aware Be careful what you share Encrypt sensitive data Stay compliant Always lock it Apply a complex passcode Shield your passcode Apply the latest patches Don’t click on unsolicited links Think before downloading apps Be careful what you share Encrypt sensitive data Know and follow your organization’s security policies Don’t “jailbreak” or “root”
For organizations Define what’s OK: devices, OS, versions Get visibility of connected devices and data usage Secure the device: require passcodes, control apps, remote management Secure access Create mobile security policy Deal with lost or stolen phones Enable the user to manage their own device Define what’s OK: devices, OS, versions Get visibility of connected devices and data usage Secure the device: require passcodes, control apps, remote management Secure access Create mobile security policy Deal with lost or stolen phones Enable the user to manage their own device
Near Field Contact (NFC) The digital wallet Augmented reality Watch this space! Near Field Contact (NFC) The digital wallet Augmented reality Watch this space! What’s next for mobile devices?