In the first two parts of our series on network security and mobile security solutions, we covered network-based tactics and app- and OS-based tactics for intercepting sensitive data and hijacking device control. For our third and final installment, we’ll cover the steps you can take to secure your data and devices against unwanted access.
Protect Yourself Against Mobile Security Threats
There are a number of precautions individuals and enterprise users can take to protect their personal data, including good corporate use policy, networking best practices when using outside wifi, and apps & software solutions that monitor traffic and enforce corporate rules.
Network Threat Defense
As we discussed in Part I of our series, public wifi is an easy avenue for Man in the Middle (MitM) attacks using ARP Spoofing techniques. So, the first line of defense is to protect yourself when using public wifi networks:
- In the case of mobile device security, prevention is the best medicine. If at all possible, avoid connecting to outside networks. In particular, it is wise to disable settings that allow automatic connection to open wifi networks. This may be done at the device level, or by implementing corporate rules for safe use. For corporate rules to be useful, however, you must have a software solution to enforce them.
- If, like most, you need to connect to a public wifi, use a Virtual Private Network (VPN) so that all traffic transmitted to and from the device remains hidden from potential attackers. You should also be able to monitor any incoming or outgoing traffic with apps or software that can flag suspicious behavior and offer guidance on network use.
- It’s worth mentioning that just because a network isn’t “public” doesn’t necessarily mean it’s guaranteed to be safe. Corporate spying does occur, and the safe course of action is to assume that any network outside your organization can be compromised.
Solutions like Samoby Mobile Security are able to detect a variety of hacking techniques, such as ARP Spoofing, SSL spoofing, and Man in the Middle (MitM) attacks, notify you in real time, and enforce the use of a private network as part of your corporate usage rules.
The second great precaution is to avoid the use of non-secure connections:
- Do not connect to websites that do not use certificates
- Heed unsafe connection warnings. For example, accepting a certificate from an unknown entity exposes users to MitM attacks.
- Use a solution like Samoby Mobile Security that detects ARP Spoofing and attempts by an attacker to use unreliable certificates.
App Threat Defense
Following the recommendations and conclusions in Part II of our series, there are several app-specific precautions that can be taken:
- Never use unofficial app stores.
- Let apps update as often as possible to take advantage of security and vulnerability patches.
- Avoid the use of applications that communicate their location publicly (Snapchat, Strava, etc.). You can also recommend deactivating location services for people whose activity is very sensitive.
Samoby Mobile Security allows you to validate that installed apps are not in its database of known malware or applications with vulnerabilities. It also allows users to limit the use of certain applications based on several criteria: Unofficial applications, dangerous applications, time, location, etc.
Both app and network threat protection require you to take care when configuring the device, avoiding settings and configurations that leave devices more vulnerable to attacks.
For device configurations, we recommend:
- Always applying the latest safety patches and hotfixes.
- Avoiding the use of “rooted” or “Jailbroken” devices.
- Disabling development or debug mode.
- Encrypting phone data, enabling this option on the phone if it is not set by default.
- Having a phone lock scheme or code automatically enabled when the phone is idle.
- Disabling installations for applications from unofficial stores.
- Disabling the option for automatic connection to open wifi.
Samoby Mobile Security allows for continuous auditing of configuration, to establish lists of vulnerabilities such as:
- Old versions of OS, or unapplied security patches.
- Lists of potentially dangerous configurations, such as authorization to install applications from unknown sources, devices in debug mode, use of rooted devices, etc.
- List of applications on a device from unofficial stores.
- List of vulnerable app version installs.
- List of applications that use suspicious permissions: access to keys pressed, to camera, location, recorder, etc.
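The device-configuration checks recommended above can be written as a small audit over values read from an Android device. This is an added example, not Samoby's code: the snapshots are constructed, the keys other than `lock_disabled` are standard Android property and setting names, and the 90-day patch threshold and the `lock_disabled` field are assumptions.

```python
from datetime import date

MAX_PATCH_AGE_DAYS = 90  # assumption: policy threshold, not from the article

def audit_device(snapshot, today):
    """Return findings for a dict of values as read via getprop / settings get."""
    findings = []
    patch = snapshot.get("ro.build.version.security_patch", "")
    try:
        age = (today - date.fromisoformat(patch)).days
        if age > MAX_PATCH_AGE_DAYS:
            findings.append(f"security patch is {age} days old")
    except ValueError:  # missing or malformed patch level
        findings.append("security patch level unknown")
    # Rooted or custom builds are commonly signed with test keys.
    if "test-keys" in snapshot.get("ro.build.tags", ""):
        findings.append("build signed with test-keys (possible root)")
    if snapshot.get("development_settings_enabled") == "1":
        findings.append("developer options enabled")
    if snapshot.get("adb_enabled") == "1":
        findings.append("USB debugging enabled")
    # Fail closed: a missing value is reported as not encrypted.
    if snapshot.get("ro.crypto.state") != "encrypted":
        findings.append("storage not encrypted")
    # Hypothetical field: "false" means a screen lock is configured.
    if snapshot.get("lock_disabled") != "false":
        findings.append("no screen lock configured")
    # Legacy toggle (pre-Android 8) for installs from unofficial stores.
    if snapshot.get("install_non_market_apps") == "1":
        findings.append("installs from unknown sources allowed")
    return findings

# Constructed sample snapshots, not taken from a real device.
HARDENED = {
    "ro.build.version.security_patch": "2024-05-05",
    "ro.build.tags": "release-keys",
    "development_settings_enabled": "0",
    "adb_enabled": "0",
    "ro.crypto.state": "encrypted",
    "lock_disabled": "false",
    "install_non_market_apps": "0",
}
RISKY = {**HARDENED, "ro.build.version.security_patch": "2023-01-05",
         "ro.build.tags": "test-keys", "development_settings_enabled": "1",
         "adb_enabled": "1", "ro.crypto.state": "unencrypted",
         "lock_disabled": "true", "install_non_market_apps": "1"}

if __name__ == "__main__":
    for finding in audit_device(RISKY, date(2024, 6, 1)):
        print(finding)
```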