Welcome!

Cloud Security Authors: Liz McMillan, Pat Romanski, Elizabeth White, Yeshim Deniz, Terry Ray

Related Topics: @CloudExpo, Mobile IoT, Cloud Security

@CloudExpo: Blog Feed Post

Mobile Device Security: A New Frontier for Hackers | @CloudExpo [#Cloud]

Recent security breaches have heightened our awareness of cybersecurity issues

By Sandra K. Johnson

Recent security breaches have heightened our awareness of cybersecurity issues. The hack and other security breaches have resulted in unprecedented damages. However, the majority of mobile device users have yet to be sensitized to their personal and corporate security risks.

Staples
For example, a security study found that 69 percent of users store sensitive personal information on their mobile devices.  Examples include banking information, confidential work-related items and provocative videos and photos. In addition, 51 percent of mobile device consumers share usernames and passwords with family, friends and colleagues. This in spite of the fact that 80 percent of such devices are unprotected by security software. 
While mobile device security attacks are relatively small, they are the new frontier for hackers.  Listed below are highlights from several mobile device surveys:

  • The four top threats to mobile devices include: 1) lost and stolen phones; 2) insecure communications; 3) leveraging less-secure, third-party app stores; and 4) vulnerable development frameworks.
  • One in 10 U.S. smartphone owners are victims of phone theft.
  • Mobile malware attacks are increasing, with 2014 exhibiting a 75 percent increase in Android malware attacks on devices.
  • The use of mobile devices to access enterprise resources introduces significant security risks.

Cyberattackers are typically attempting to obtain access to sensitive or personal data, and then use it to access financial accounts. Some methodologies used include social engineering, distributing and executing malware, and accessing data through public Wi-Fi networks.
A recent survey found that phishing and scams for winning free stuff were the most popular SMS attacks. Unsolicited SMS messages attempted to trick users into providing detailed, sensitive information about their financial accounts at major banks. The mobile malware StealthGenie secretly monitors calls, texts and videos on mobile phones. Bitdefender has been able to break the secure communications between a Samsung watch and an Android device with ease, using brute force sniffing tools. (See “5 New Threats to Your Mobile Device Security” for more information.)
These are a sampling of the numerous cybercriminal methodologies for accessing user finances and data. Listed below are some user actions for reducing or minimizing a successful attack:

  • Always enable password or PIN protection on your device.
  • Run scans using a respected security and malware program on a regular basis (see the best antivirus software for Android devices).
  • Subscribe to managed mobile device services such as anti-malware and mobile device locator services; also lock the device and wipe all data in the event of device theft.
  • Encrypt mobile device data.
  • Install/run the latest versions of your device OS and all mobile apps.
  • Upgrade to the most recent firmware for your mobile device.
  • Do not access secure or highly sensitive information while using public Wi-Fi networks.
  • Avoid clicking on ads on your mobile devices.
  • Do not configure phones to allow the installation of apps from unknown sources, e.g., only download  from well-known and trusted app stores (although they are not foolproof).
  • Observe all corporate bring-your-own-device (BYOD) and related policies.

In addition, ISO lists some common sense advice regarding mobile devices, as included below:

  • Do not openly display a device — keep it in a pocket or handbag.
  • If possible, avoid using it in crowded areas.
  • Properly mark your phone with your ZIP code.
  • If the phone is lost or stolen, report it immediately to the police and to your service provider.
  • Be aware of your surroundings and the people near to you.
  • Do not leave it unattended – keep it with you at all times.
  • Make a note of your phone’s IMEI number.
  • Do not leave a device in view in an unattended vehicle.


( This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. To learn more about tech news and analysis visit Tech Page One. Dell sponsored this article, but the opinions are our own and don’t necessarily represent Dell’s positions or strategies.)

Bookmark and Share
Cloud Musings

Read the original blog entry...

More Stories By Kevin Jackson

Kevin Jackson, founder of the GovCloud Network, is an independent technology and business consultant specializing in mission critical solutions. He has served in various senior management positions including VP & GM Cloud Services NJVC, Worldwide Sales Executive for IBM and VP Program Management Office at JP Morgan Chase. His formal education includes MSEE (Computer Engineering), MA National Security & Strategic Studies and a BS Aerospace Engineering. Jackson graduated from the United States Naval Academy in 1979 and retired from the US Navy earning specialties in Space Systems Engineering, Airborne Logistics and Airborne Command and Control. He also served with the National Reconnaissance Office, Operational Support Office, providing tactical support to Navy and Marine Corps forces worldwide. Kevin is the founder and author of “Cloud Musings”, a widely followed blog that focuses on the use of cloud computing by the Federal government. He is also the editor and founder of “Government Cloud Computing” electronic magazine, published at Ulitzer.com. To set up an appointment CLICK HERE

IoT & Smart Cities Stories
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
DXWorldEXPO LLC announced today that ICC-USA, a computer systems integrator and server manufacturing company focused on developing products and product appliances, will exhibit at the 22nd International CloudEXPO | DXWorldEXPO. DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City. ICC is a computer systems integrator and server manufacturing company focused on developing products and product appliances to meet a wide range of ...
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22nd international CloudEXPO | first international DXWorldEXPO and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time t...
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT staff augmentation services for software technology providers. By providing clients with unparalleled niche technology expertise and industry experience, Chetu has become the premiere long-term, back-end software development partner for start-ups, SMBs, and Fortune 500 companies. Chetu is headquartered in Plantation, Florida, with thirteen offices throughout the U.S. and abroad.
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear these words all day every day... lofty goals but how do we make it real? Add to that, that simply put, people don't like change. But what if we could implement and utilize these enterprise tools in a fast and "Non-Disruptive" way, enabling us to glean insights about our business, identify and reduce exposure, risk and liability, and secure business continuity?
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY. DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.