This article is for faculty, students, and staff. It provides background on the two main types of mobile security, explains how to avoid or address common mobile threats, and provides tips for best security practices.
Physical Security for Mobile Devices
ITS encourages all users to take action to secure their mobile devices. While much of this article will discuss protecting devices from cybersecurity threats, it is just as important that users also see to the physical security of their devices.
Mobile devices, given the wealth of sensitive data they hold, can essentially be thought of as informational safes, designed to ensure that contacts, accounts, messages, and even finances are protected from unauthorized access or malicious software. However, unlike a safe, which is typically not carried around in public, users tend to keep mobile devices on their person at almost all times. This tendency renders devices more accessible to cybercriminals, making it that much more imperative that users are vigilant, and keep track of their devices to prevent loss or theft.
Cybersecurity for Mobile Devices
Mobile devices are more prone to cyber-attacks because:
- They are easier to misplace or steal.
- Mobile app development environments are very accessible, which means that almost anyone can develop a malicious app that installs malware on the affected device or steals information.
- While self-replicating viruses—the most well-known type of malware—are rare (and in Android’s case, nonexistent) on mobile devices, they are still susceptible to other types of malware. Many mobile device users are unaware of this and incorrectly assume that the built-in device security provides sufficient protection. It does not.
It is thus important that users maintain physical security, combined with rigorous cybersecurity measures, for their mobile devices. This is the most effective way to prevent security threats.
Protecting Mobile Devices From Cybersecurity Threats
The section below describes steps that users can take to protect against the most common types of mobile security threats.
For more background information about different types of cybersecurity threats, review the article, /wiki/spaces/IKB/pages/10809901143.
Network Spoofing
To prevent cybercriminals from spoofing—i.e., creating false WiFi networks that mimic legitimate ones, you should:
- Disable the auto-connect feature in your mobile device’s network settings.
- Check the legitimacy of any network before you connect to it.
Unpatched Vulnerabilities
Device updates, from a security perspective, serve to patch up cracks in the system that leave the device open to attacks. To reduce this risk, keep your devices up to date. One way to facilitate this is to enable automatic updates in your device settings.
Smishing
To protect your mobile device from smishing—i.e., phishing that occurs over SMS instead of via email—you should:
- Never click on any of the links that may appear in messages from unknown users.
- Never respond to text messages from unknown users.
- Be especially wary of texts you receive from unknown users that contain threatening language, or convey urgency.
Malicious Apps
Scammers often create fraudulent versions of legitimate apps to gain unauthorized access to devices. To protect your device from malicious apps,
- Research the app’s developers prior to installing any software.
- Only download apps from legitimate, verified sources.
- Review the app’s security settings and permissions carefully. When unchecked, permissions often allow the app to collect more of your device’s data than is necessary for it to actually function.
Viruses and Other Malware
As mentioned above, mobile devices are highly susceptible to viruses and other malware, and it is important to protect against these risks. The best ways to prevent your mobile device from malware are to:
- Install antivirus and antimalware software.
- Exercise extreme caution when downloading software (including antivirus/malware programs), clicking links or tapping on-screen buttons. Remember that both legitimate and malicious software can gather a lot of information about you, your activities on your device, and even other applications without your knowledge.
Protecting Mobile Devices While Traveling
Travel tends to pose an increased threat to mobile devices. Some tips for securing mobile devices are listed below.
To protect against security breaches while traveling,
- Always keep an eye on your belongings, particularly your mobile devices.
- Avoid connecting to public WiFi.
If you must connect to public WiFi, use a virtual private network (VPN).
For more information about VPNs, review the section, Virtual Private Network (VPN).
- Use only the power supplies you personally own to charge your mobile devices or transfer data.
- Do not discuss anything confidential until you ensure that you have privacy.
- Enable the Find My Device feature on your device so that it can be located if it is lost.
For more information about protecting mobile devices when traveling, review the Security Awareness News article, Mobile Device Security, included below.
Related Articles
Filter by label
There are no items with the selected labels at this time.