Industry View
The Top 5 Stupid Things People Do With Mobile Phones
A lost mobile device can be just as bad as a lost laptop - Mformation's Matt Bancroft takes a look at the careless errors that make it so.
By Matt Bancroft, Mformation
Enterprises in particular want to be able to establish and enforce security policies that ensure only authorized applications can be loaded onto employees' devices. They also need to be able to ensure that employees have the correct versions of key applications. Consumers also need quick resolution to any problems they might have as a result of a bad application or service being downloaded.
#4: Using the phone to access dangerous/risky Web sites and Internet locations
Most mobile devices provide Internet access, making it just as easy to access risky Web sites and Internet content on a phone as it is to access this content on a computer. We all know what sort of havoc some Web sites and Internet locations can wreak on a computer—from crashes due to viruses and malware, to unsolicited content that affects performance. This issue is now a problem for mobile phones as well.
According to McAfee's 2008 Mobile Security Report, more than 86 percent of mobile users worry about receiving inappropriate or unsolicited content, getting fraudulent bill increases, or suffering information loss or theft. In addition, one in seven global mobile users report that they have already been exposed to mobile viruses, either directly or through knowing someone whose phone has been infected. Consumers and enterprises alike need to be able to protect themselves from these problems with the ability to block unsolicited content and to recover quickly and completely if a mobile device is infected.
#5: Leaving the device open to access (e.g., leaving Bluetooth or WiFi on, visible and unsecured)
Some of the most prevalent mobile viruses and worms use an unprotected Bluetooth connection to get into mobile devices or to spread to other devices. This includes two of the most common mobile device viruses, both with a number of variants, Cabir and CommWarrior. As yet, there have not been reports of attacks on mobile phones via open WiFi connections, but experts say that with more mobile devices connecting via WiFi, they are susceptible to the same types of attacks as any computer on an at-risk network might be.
In addition, it is possible for external sources to hijack an open, unsecured connection such as Bluetooth or WiFi in order to enter into corporate networks, where they could cause harm to corporate systems or data. One way to minimize the risks these open connections can present to an enterprise is to establish and enforce policies about restricting access to certain mobile device functions, such as WiFi or Bluetooth, under certain circumstances, protecting corporate data and assets from outside attack.
$firstKeyword
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
- The Strategic Advantage of Cloud-Based Email and BlackBerry Services
- Upgrading to VMware vSphere with vWire
- Removing Barriers To Better Server Virtualization Efficiency
- Practical Approaches for Securing Web Applications across the Software Delivery Lifecycle
- Staying A Step Ahead of the Hackers: The Importance of Identifying Critical Web Application Vulnerabilities
- Managing A Growing Threat: An Executive's Guide to Web Application Security
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
