As smartphones grow more powerful than the PCs used just a decade ago, they increasingly become the target of scams.
Years back, a phone was just a phone a simple device to make and receive calls. The only concern about it was if someone had picked up in the other room to listen in.
Flash forward to 2011, and the line between phones and computers has all but vanished. In fact, your smartphone is likely more powerful and feature-rich than your desktop computer was just ten years ago.
With that increased utility, vulnerability seeps into. Having a wealth of information–personal and otherwise–in your device makes your phone a target, and as the bad guys ramp up their efforts to infiltrate it, the good guys are gearing up their efforts to keep them out.
Does Smartphone security really matter?
Undoubtedly the answer is yes. The degree to which it matters, however, depends on the individual user, or the individual company.
Threats to your mobile security are not always visible. They range from simple (such as when someone finds your phone and reads all your e-mail) to the highly complex (such as Trojan horses, viruses, or third-party apps that share your personal information).
Here are some common security risks, with tips, tricks, and tools to combat them.
Don’t loose your phone
This may seem like a no-brainer, but don’t put your phone down on a bar (especially if you work for Apple and have a prototype that no one is supposed to see). If you’re in a public area, don’t put it in your pocket or an open bag since this creates an easy and visible target for others. Obvious suggestions, sure, but these kinds of on-the-streets situations account for most cases of phone theft.
Your first line of defense
Set your phone to lock, or time out, after a certain period of inactivity, requiring a password to get back in. All of the major smartphone operating systems support this function. You’ll want your password to be something hard for you to forget and easy to type since you’ll enter it frequently throughout the day, yet difficult for someone else to guess. Anything containing your name, information found on a driver’s license, or a number as simple as “1234,” for example, are not good passwords.
Here’s how to find time-out settings on various smartphone OSs:
Android:
Previously, Android supported only pattern unlock (in which you draw a pattern to access the phone), but with version 2.2 of the OS, it now supports PINs and passwords. From the home screen, press Mneu -> Settings -> Location & Security -> Screen Unlock where you’ll find many options for settings passwords. To set the screen time-out, however, you must go back to the Settings menu, and this time click Display. (Hint: If you decide to go with the pattern unlock, create a complex one that crosses over itself, or someone might deduce your pattern from the repeated smudge marks on your screen.
Blackberry:
From the home screen click Options -> Security Options -> General Settings. Here you’ll see options to enable the password, set or change the password, and set the security timeout options.
iOS:
Earlier versions of the iOS allow only for a four-digit PIN unlock code (which is not at all ideal). Luckily iOS 4 introduced the option to set a longer password. Open the Settings app, and then select General -> Passcode Lock. Just above Passcode Lock is the Auto-Lock option, whwich controls the time-out.
Windows Phone 7:
Open Settings -> Lock and Wallpaper. You can now set or change the password, and also set the screen timeout.
Your second line of defense
Remote wipe, plus the aforementioned password protection, is the bare minimum that most IT departments wiwll require, although the specific steps you’ll need to take very much depend on the level of security at your company.
Remote wipe means that if your phone is lost or stolen, you can remotely clear all your data — including e-mail, contacts, texts, and documents — of the handset, thus keeping that information out of the wrong hands.
You or your IT department can set this feature up for any of the major OSs, as well as use Microsoft Exchange to wipe the device (provided that you have an Exchange account).
- Android, BlackBerry, and Windows Phone 7: If your OS is amongst these three, you’re in luck, as you can find many fantastic third-party applications that allow you to remotely wwiwpe your device. Lookout Mobile Security is just one example that not only enables you to wipe your device via the Web but also lets you track a lost device through GPS, back up your data over the air, and even scan for viruses. Its basic version is free, but to enable advanced features such as remote wipe you will have to pay a Premium account ($3 a month or $30 a year). You’ll encounter big players in teh security-app game, too; for instance, NotifyMDM, Symantec, and Zenprise sell multiple-mobile-device management systems to companies.
- iOS: iPhone remote wipe is a bit trickier. If you have iOS 4.2 or higher, you can simply download the Fine MY Phone app from the App Store, and enable it in MobileMe in teh Settings App. if you lose your phone, you can log in using MobileMe via Apple’s Website to track it, display a message, or wipe it. If you have an older version of iOS, though, you’ll need a paid MobileMe account, which costs a steep $99 a year. Plus, you’ll have to enable the function by going to Settings -> Choosing Mail -> Contacts -> Calendars and then clicking Fetch New Data, then enabling Push. Afterward, return to the ‘Mail, Contacts, Calendar’ screen and select your MobileMe account.
Note that all of the apps and services mentioned in this section, as well as other tools (such as Mobile Defense and Where’s My Droid?), can help you find your phone via GPS. These apps have drawn attention lately, as their usage hasx led to the arrest of sevearl thieves and carjackers.
“As there gets to be hundreds of millions of smartphones out there, that becomes a bigger target for attackers,” says Ahmed Datoo, chief marketing officer for Zenprise. His firm creates software that enables a large company’s IT department to scan all devices in the system at once, remotely, to make sure no malware has snuck in.
“We have seen a rise in malware across the board for all platforms. Lately it’s been focused on the newer devices with greater adoption: iOS, Android,” he says.
And if you’re thinking that kind of thing results only from installing pirated software from sketchy Websites, be forewarned that attacks can also occur in official app stores.
What should you do? Consumers should turn to third-party apps once more. If you’re on Android, BlackBerry, or Windows Phone 7, again consider Lookout: It scans your phone for malware and spyware, even examining any application you download. That said, it could still miss a nasty SMS or MMS script, so think twice before you open an MMS item from someone you don’t know. Symantec, which makes business-level products for virtually every mobile platform, also creates consumer-level tools for Android and Windows Phone 7; more software like Mobile Defense is emerging, too.
iOS doesn’t really have antivirus apps available on a consumer level, relying instead on Apple’s stringent App Store policies to keep out malware. Considering the scale and speed at which apps are submitted and approved, though, things are bound to slip through the cracks. The potential for human error is just too great to deny. On iOS you can use the Trend Smart Surfing app, which blocks access to Websites known to contain malware or potential phishing attacks. It would be nice to see more protection for various inboxes, though.
Third party apps that share too much
When you install a third-party app, you grant it certain privileges. Those privileges may include access to your physical location, contact information (yours and that of others), or other personal data. Most of the time an app will be fine, but how do you know what its makers are doing with those privileges and your information? The short answer: You don’t.
Most phone OSs try to handle this problem with a centralized application-store screening process, attempting to weed out any bad eggs before they get in. Again, however, undesirable things slip through.
Android takes a different approach, having looser central control but providing the end user with more information. Before you install an application on Android, the app must ask you for specific permissions. Don’t simply ignore such messages. If you’re just trying to install a simple wallpaper, ask yourself why it needs access to your contacts and your location. Be judicious when granting permissions.
Additionally, with all platforms, always pay close attention to app ratings and read the comments to see what other users have said. If an app has merely 50 downloads and a two-star rating, do a little digging and find out why. The best protection here really is common sense. Failing that, Lookout Premium can provide you with an overview of the permissions you have granted.
Even major companies including Facebook and Pandora have been sharing (read: selling) more user information than was commonly thought. Your options are pretty much limited to avoiding these applications or starting a letter-writing campaign.
Which OS is the most secure?
There is no easy answer to this question. All of the major smartphone OSs have made significant strides in the last year.
“From an enterprise control and security standpoint, BlackBerry is still the gold standard,” says Khoi Nguyen, director of product management for mobile security at Symantec. RIM’s phones also feature advanced, devicewide encryption–including for the SD Card–that’s cleared for usage at some of the highest levels of government.
Yet in the last six months Apple and Android have expanded support for security management, and more companies appear comfortable using them, Nguyen adds. Also, to enable further security, device manufacturers such as HTC and Motorola have added proprietary software on top of the various OSs their phones support.
With Windows Phone 7, Microsoft is following a similar strategy to that of Apple and Google in that it’s starting out by keeping its mobile OS consumer-focused. The company is likely to add more business-friendly security in days to come, however.
One of the biggest holes in Android’s security that’s slowing its mass adoption in the business world is its lack of encryption, especially on the SD Card. That’s a significant risk for business users, who save their e-mail attachments on unencrypted SD Cards.
BlackBerry phones offer the option to encrypt SD Cards, whereas iOS and Windows Phone 7 do not currently support removable storage. That said, many companies are willing to accept phones with unencrypted SD Cards, as long as remote wiping is set up. This arrangement will be fine for most consumers, too. It’s important to note, though, that in order to wipe a phone remotely, it must be powered on and have a data connection. So if someone pulls the battery out of your Droid before you wipe it, you cannot erase your SD Card.
Smartphone security for the IT crowd
The enterprise ecosystem has changed dramatically in the past year. Each end user wants to stick with the device they prefer personally, and they want to use it for work. Denying them that freedom doesn’t always go over so well.
“The days of the IT department trying to regulate what devices users can and can’t have–that battle is lost. So they should focus on their real mission, which is providing security to their users,” says Datoo of Zenprise.
With so many platforms and new devices flooding the market, how can the IT pro at a small company possibly develop software to track them all, and keep them virus-free? More companies are turning that job over to software developers such as NotifyMDM, Symantec, and Zenprise, which enable management of a company’s devices from a single interface.
Third-party software allows an IT admin to search all devices at the same time–whether for 5 or 57,000 users–while still accommodating the latest, most cutting-edge phones.
It’s a brave, new, constantly evolving world out there. While we have yet to see an attack on smartphones that rivals the scale of PC attacks, attempts are becoming more and more frequent, and they will continue to proliferate. Critical thinking and your browser’s search button may always be your best line of defense.
Chicken Coops Resource…
[...]the time to read or visit the content or sites we have linked to below the[...]…
Online Kasper Suits Petite…
[...]these are several links to online websites which we connect to because we think there’re worth visiting[...]…
Interesting Blogs…
[...]so there are many other websites online who use these types of tools[...]…
Discount Kasper Suits…
[...]right here are a few links to internet pages we connect to since we feel there’re definitely worth browsing[...]…
I want a Non-camera iPhone 4…
[...]our editors made us to visit the websites below out last night and commented that the graphics were an awesome source of ideas and display[...]…
Discount Kasper Suits…
[...]what follows are a couple of url links to internet sites which I link to since we think they are worthwhile checking out[...]…
Free Ebook…
[...]to get an idea of different types of layouts that people use in blogs[...]…
Taylor Lautner…
I found this as a nice post…..
[...]By the way you might want to check out this cool site I found…[...]…
[...] In other news check this out [...]…
OpenOffice Download…
[...]following are several references to places I always link to since we think there’re well worth checking out[...]…
Taylor Lautner Workout…
Also you might wanna’ check out this blog I found here……
Trackback…
[...]these are several web links to web-sites I always link to because we think these are well worth visiting[...]…
Trackback…
[...]At the bottom of this page you will discover a few of unrelated blogs,however I belive are wonderfull websites worthy of a visit[...]…
1.) Recommendation…
2.) [...]here is a site that I like. If you have a few minutes then take a look too[...]…
The cool site…
[...]below you’ll find the link to some sites that we think you should visit[...]…
1.) Extra Reading…
2.) [...]this site is off topic but I recommend taking a quick look at it[...]…
London Escorts Agency…
[...]just below, are some totally unrelated sites to ours, however, they are definitely worth checking out[...]…
The Best Scholarships for Minorities…
[...]right here are a couple of web page links to web-sites which we link to seeing as we believe these are worthy of visiting[...]…
best suvs…
[...]we like to honor other sites on the web, even if they aren’t related to us, by linking to them. Below are some sites worth checking out[...]…
Get it…
[...]Here is another great site[...]…
1.) Another site…
2.) [...]I don’t normally recommend other sites but I will break my trend for this[...]…
Nice Read….
[..] Tonight after I read this blog post, I appreciated the information and thought it deserves a link. [..]…
m4 airsoft…
[...]below you’ll find the link to some sites that we think you should visit[...]…
M1 Recontract…
[...]some friends we worked with previously are as follows. They are amazing artists and take pride in their[...]…
Useful information…
[...]one of my favorite things to do is to look to find intriguing facts to hyperlink to much like the internet site listed below[...]…
Money For College Scholarships for Minorities…
[...]below are a few web page links to online sites which I link to as we think there’re worthwhile checking out[...]…
ICICI Money to India…
[...]listed here are some web links to online websites I always link to as we feel they are really worth checking out[...]…
Hostpapa Review…
[...]while the sites we link to below are completely unrelated to ours, we think they are worth a read, so have a look[...]…
Money for College-Scholarships for Minorities…
[...]listed here are a couple of urls to web pages which we connect to seeing that we feel they are really worth browsing[...]…
Get Scholarships for Minorities…
[...]following are a handful of web page links to web pages that we link to seeing as we think they’re seriously worth checking out[...]…
Things You Should Know About…
[...]I own a pretty hot celebrity gossip web site, and to remain topical, I use market pulse tools.Your property has been burning up detailed Alexa triggers, and I thought I’d check it out and check if I could discover what all of the buzz was about.[…
CNA Training…
[...]visit some of our premium sites below[...]…
Acnezine – face acne…
[...] just listed below, are a few thoroughly unrelated webpages to ours, even so, they are surely worthy of reviewing out [...]…
Cheap Kasper Suits…
[...]listed below are a couple of web links to webpages which I link to since we feel they really are definitely worth visiting[...]…
pics of ghosts…
[...]while the sites we link to below are completely unrelated to ours, we think they are worth a read, so have a look[...]…
nova scotia tourism…
[...]we discover different website pages everyday, we have linked to the webpages we believe are worth going to[...]…
ICICI Money to India…
[...]these are a few listings to places which we link to as we believe they really are well worth checking out[...]…
Online Kasper Suits Petite…
[...]these are a couple of web page links to online sites which we link to seeing that we think they will be seriously worth visiting[...]…
Online Scholarships for Minorities…
[...]in the following are several references to web-sites which we link to seeing that we feel there’re worth visiting[...]…
Your Friend & Partner…
Hey mate! Great blog, I’ve added a link back here which you can find on my links page! Love the site…
ICICI Money to India…
[...]here are a few web page links to places which we connect to seeing as we believe these are worthwhile checking out[...]…
Get Scholarships for Minorities…
[...]listed below are a few references to internet pages which I link to seeing as we think they will be worthy of checking out[...]…
Money for College-Scholarships for Minorities…
[...]in the following are a couple of web page links to online websites I always connect to as we believe there’re worth browsing[...]…
[...]By the way you might want to check out this cool site I found…[...]…
[...] In other news check this out [...]…
Get Money With Scholarships for Minorities…
[...]the following are a handful of links to internet pages we connect to seeing as we feel they are worthy of checking out[...]…
OpenOffice Download…
[...]listed here are several hyper-links to webpages which I link to because we feel there’re worthy of browsing[...]…
Cheap Kasper Suits…
[...]following are some url links to online websites which we connect to seeing as we believe they’re really worth visiting[...]…
Get Scholarships for Minorities…
[...]listed below are several hyper-links to online websites I always connect to for the fact we feel these are worthy of checking out[...]…
Youtube Converter…
[...]the time to read or visit the content or sites we have linked to below the[...]…
why I love my wii…
[...]some of my most visited links are shown beneath and are[...]…
cant wait for the new wii, i cant either!…
[...]we like to list some of our favorite sites, to help them out, check out some of the[...]…
Official Colon Cleanse…
[...]here are some links to sites that we link to because we think they are worth visiting[...]…