Top Mobile Security Issues

Lost or Stolen Mobile Devices
Ineffective Mobile Device Protection Policies
 Mobile Application Vulnerabilities
 Mobile Device Malware Growth
 Unnecessary Data Storage
 Unsecure Data Transmission
Counterfeit Chips
Compromised (backdoor) Chips
 Compromised Software.



An estimated 95% of companies
now have some level of mobile security
policies in place or in process.

A global mobile threat study found
that security vulnerabilities are at an
all-time high for mobile devices.


Data at Risk

If attackers gain access to a mobile
devices/network the following data
is at risk.
 Text Messaging (SMS)
 Email Messages
 Open Microphone Audio
 Open Camera Images
 Stored Pictures / Videos
 Location Data (GPS)
 Contact List
 Call History
 Browsing History


cell_targetMobile devices are now a critical aspect of the modern workforce.Now consider that Microsoft Office on mobile devices is nearly ascommon as using a laptop. The recent News of the World scandalin Britain has increased the focus on mobile device security. Giventhe realities of the modern day work environment, the use of these devices to access the sensitive data of organizations large and small will continue to grow and mobile applications will proliferate. Researchers haveestimated that mobile data usage will grow 12-fold by 2014. According to a Carnegie
Mellon University study, 4 in 10 organizations have had mobile devices lost or stolen,
and half of those devices contained critical data.

Mobile device use has exploded and the increaseduse has caught the attention of hackers. The numberof pieces of mobile malware introduced in 2010 increased by 46 percent over what we saw in 2009.That 2010 number equates to nearly 55,000 newmalware threats each and every day! What is importantto note is that when users sync up with their computers, often times malware is transferred.

Another security issue is the common use of these devices in open/public locations
and networks. Many locations offer open and free internet access via their networks—
Starbucks is a good example. They are common at cafés, restaurants, airports,
hotels, parks and a wide variety of other locations. The vast majority of these
connections are not secure. They are designed for ease of access rather than security.
Users taking advantage of this type connectivity must be educated on the risks of
connecting to these networks and must be very careful.

A second and equally critical security issue for mobile devices addresses the ability to
cleanse the device, SIM card and memory chips. Bottom line is to ensure no one can
recover information from the device, all of these devices should be destroyed (ground
up) at their end of life. If any of these devices are being reallocated to other employee
within the same organization, at a minimum remove the existing SIM card,
destroy it and replace it with a new one.

Mobile devices pose a huge challenge for security professionals. A comprehensive
program that includes policies and security technology must be established in order to
stem the growth of successful attacks on this class of device. In addition, accessing
sensitive data over these open networks may be a compliance issue as well and we all
know how pleasant compliance violations can be!

Author: Kevin Coleman, Technolytics Institute