Introduction to mobile security and social media

Introduction to mobile security and social media

Mobile security which is also known as wireless security serves as a protection of smartphones, tablets, laptops, and other portable computing devices and networks they connect to and from threats and vulnerabilities. This will secure mobile devices by authenticating users and protecting or restricting access to data stored on the devices.

On the other hand, when we come to social media, it is a collective of online communications channels dedicated to community-based inputs, interaction, content sharing, and collaboration. Simply, the ability to share photos, opinions, events, etc. in real-time.

Types of mobile devices

Mobile devices have become more than a luxury item to have and it has become a necessity so much so that employees do not just rely on them for day to day to day conversation, they are practically living on them. For many, checking their phones is the first and last thing they do every day.

As a result, its popularity in usage has been a rise in the number of threats and attacks that hackers are still constantly finding more ways and means to break into them. Being aware of what sort of devices you have is the first key to understanding your position and responsibility in making sure you are well guarded against potential digital threats and vulnerabilities.

The list below depicts some of the commonly used mobile devices in the workplace and the risks that may potentially arise from using them.

  • Smartphones
  • Laptops
  • Bluetooth devices
  • Tablets
  • BYOD (Bring Your Own Device)

Smartphones

A smartphone:

  • Is a glorified, compact, and mobile integrated computer that can fit into your pocket
  • Has touchscreen interface
  • Has internet access for web browsing
  • Has the ability to run software applications, making day to day work operations and leisure much more convenient and easy

Smartphones have sensors such as cameras, microphones, GPS receivers, compasses, and accelerometers which could be exploited, and may collect personal information of the user for the benefit and use of the hacker.

As a result, hackers can resort to sneaking in dangerous malware onto your device inconspicuously which could ultimately render your phone useless and exposed to digital theft, such as ransomware.

Laptops

A laptop:

  • Is a small personal integrated computer designed for portability
  • Possesses all the functionality and features that of a desktop but smaller and having ease of portability
  • Runs on AC power or batteries which are rechargeable
  • Possesses a touchpad or in some cases, a trackball and pointing stick

Desktop computers and laptops are commonly targeted to gather passwords or financial account information or to construct a botnet to attack another target which could disrupt day-to-day businesses, costing millions in losses.

Laptop security solutions can involve physical lock-and-key systems, locator devices, or other kinds of items that make it difficult for thieves to steal laptop computers, both physically and digitally.

Bluetooth devices

Bluetooth devices:

  • Is any device that communicates with a variety of electronic devices and creates personal networks operating within the unlicensed 2.4 GHz band
  • Bridge multiple industrial Ethernet networks
  • Can be used to identify and track object positions with the real-time location system

Many Bluetooth devices connect with each other using a simple numeric PIN number that is usually not encrypted. This means that hackers often only need to crack a numeric code to establish a connection between their devices and yours, and ultimately steal personal data.

Some hackers may use this connection to send you messages as a milder form of disruption and nuisance. Others, however, may use it to access your private data or upload viruses that could jeopardize your personal info and security.

Tablets

Tablets:

  • Are a wireless touch screen personal computer that is smaller than a notebook but larger than a smartphone
  • Are built with wireless Internet or local area networks (LAN) and a variety of software applications, including business applications, Web browsers, and games.

Like phones, tablets tend to get carried everywhere and are thus prone to lose and theft. Although some tablets do support hardware data encryption, not all do and many users don’t bother to enable PIN locks, much less encryption.

Even users who do lock their own tablets may not realize that data stored there is readily accessible to downloaded apps. Perhaps more importantly, most users don’t even bother reading the warnings displayed when installing apps, giving little thought to potential risk of being hacked.

BYOD (Bring Your Own Device)

Bring your own device (BYOD):

  • Are any devices of which employees bring their own personal computing devices, be it smartphones, laptops, tablets, pen drives, and such to the workplace for use and connectivity on the secure corporate network

Bring your own device (BYOD) is one of the most complicated issues for IT departments because it exposes the entire organization to huge security risks and vulnerabilities like malware attacks due to the lack of stringent digital security protocols.

It increases the risk of data leakage knowing that mobile devices are the weakest link to its security and are the most susceptible to attacks.

BYOD also makes it difficult to distinguish between personal data and corporate data because they are both kept on the same device. So if the device is lost, the corporate data will also be accessed by any individual who has gotten the device.

Importance of Mobile Security

Why do we care?

  • More data may bring more danger with mobile devices
  • Cyberattacks on mobiles are increasing by the day
  • Threats have evolved to be more sophisticated (exp: mobile app threats)
  • Businesses worry about smartphone risks
  • Dangers of information that can be stolen over wireless networks

Why are we vulnerable?

  • They are everywhere
  • Produced by different vendors
  • Who owns them?
  • Pre-existence of mobile malware
  • Device users are often uneducated about risks and how to secure devices

Emergence and Growth of Mobile App Threats

Hackers target smartphones mostly because:

  • They can create seemingly good (“free”) apps; most of it with your permission, which actually installs malicious code in the background, which can then be used to collect your information and even steal your identity
  • They can dispatch unwanted text to premium numbers causing nuisances and possibly extract info (also known as spam or phishing)
  • They can seize your bank account, wipe your phone’s data, lock it up and even kill your device altogether

Two major mobile app threats:

  • Malware/Malicious apps
  • Legal/Approved apps

You may have already heard about Malware/Malicious Apps so let’s talk about Legal/Approved Apps.

Legal/Approved Apps

Legal apps:

  • Apps that may potentially be used to collect information about you that can be sold to advertisers and could also be used as evidence against you in a legal dispute.

Mobile apps that collect and share information about you are constantly publishing in the background and in this respect have the ability to invade your privacy as well.

So remember when you authorize an app on a mobile device, you’re allowing that app to not only perform its functions but also to access information like your calendar, contacts, and location.

Facebook, Instagram, Twitter, and Gmail are mobile apps that read your address book and track your location.

Types of Mobile Threats

Common Attacks

  • Theft/Gaining Physical Access
  • Malware
  • Data Interception
  • Eavesdropping
  • Insider Threats

What can we do?

Ways to reduce the risk of mobile security attacks

  • Enable remote wipe function and consider the “Find Your Device Option”
  • Be cautious about what you share — text is not inherently secure
  • Use Strong Passwords
  • Download only secure applications
  • Backup and protect your data
  • Don’t ‘jailbreak’ or ‘root’ your device
  • Don’t connect to a work system or the network unless you have permission to do so
  • Report anything suspicious to the security team

Setting up a two/multi-factor authentication

The system works by pushing unique passcodes to your mobile phone to authenticate your identity when you log in, apart from just keying in your password for a user/email/social media account.

As an example, let us take Facebook as the application of our choice in setting up a two/multi-factor authentication

  1. Log into Facebook on your computer or Facebook app on mobile
  2. Open the settings menu
  3. Select the Security option in the left menu
  4. Click the “Login Approvals” option
  5. Check the Login Approvals box
  6. Enter your mobile number (if prompted)
  7. Decide if you want to enable Login Approvals immediately

How to better manage/switch off Geo-Location Tracking apps

The system works by using real-time geo-data (also known as geographical data) from a mobile device or smartphone to provide information, entertainment, or security to the user.

This system relies heavily on the mobile user’s location, the primary objective of the service provider’s system is to determine where the user is.

As an example, let us take Facebook as the application of our choice in managing our geolocation services for both Apple iOS and Google Android.

Apple iOS

  1. Open your iPhone’s Settings
  2. Scroll down until you locate “Facebook” and tap it
  3. Tap on “Settings”
  4. Tap on “Location” (You’ll see this option near the top of the screen)
  5. Tap on “Never” (Blue checkmark will appear to the right of Never; if you wish Facebook to not track your location anymore)

Google Android

  1. Open your Android’s Settings
  2. Scroll down until you locate “Manage apps” and tap it
  3. Tap on “App permissions”
  4. Tap on “Your Location” (You may have to scroll down first to find this option)
  5. Scroll the page down till you locate “Facebook” and slide the switch to the left to switch it off

These are the tips and tricks that we want to share with you about mobile security with social media platforms. Hope you understand what you are currently using as mobile devices and apps run on them and preliminary actions that you can take to protect yourself and corporate data from attackers. Feel free to ask about the topic and share your ideas and suggestions in the comment section below. We will meet again with another valuable tech topic. Until then, bye!

Originally published at https://www.agnasarp.com on June 12, 2021.

--

--

Agnasarp is a technology-focused blog that has enough information about cutting-edge technologies that you can use for your problems. Stay with us!

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store