• SecurePath for Auto Dealers
  • Services
    • SOC Reporting Services
      • SOC 2® Readiness Assessment
      • SOC 2® Reports
      • SOC 3® Reports
      • SOC for Cybersecurity® Reports
    • IT Advisory Services
      • IT Vulnerability Assessment
      • Network Penetration Testing
      • Privileged Access Management
      • Social Engineering Testing
      • Virtual CISO (vCISO)
      • Written Information Security Program (“WISP”)
      • IT General Controls Audit & Compliance
    • IT Government Compliance
      • CMMC Cybersecurity Services & Compliance
      • DFARS Compliance
      • FTC Safeguards Compliance
  • Industries
    • Financial Services
    • Government
    • Auto Dealerships
    • Enterprise
  • Blog
  • About Us
    • Meet The Team
    • Jobs
  • Contact Us

Call us today! 844-OCD-TECH

Find our Location
OCD TechOCD Tech
  • SecurePath for Auto Dealers
  • Services
    • SOC Reporting Services
      • SOC 2® Readiness Assessment
      • SOC 2® Reports
      • SOC 3® Reports
      • SOC for Cybersecurity® Reports
    • IT Advisory Services
      • IT Vulnerability Assessment
      • Network Penetration Testing
      • Privileged Access Management
      • Social Engineering Testing
      • Virtual CISO (vCISO)
      • Written Information Security Program (“WISP”)
      • IT General Controls Audit & Compliance
    • IT Government Compliance
      • CMMC Cybersecurity Services & Compliance
      • DFARS Compliance
      • FTC Safeguards Compliance
  • Industries
    • Financial Services
    • Government
    • Auto Dealerships
    • Enterprise
  • Blog
  • About Us
    • Meet The Team
    • Jobs
  • Contact Us

The Most Vulnerable – Smartphones

July 13, 2016 Posted by Don Lander Cybersecurity, IT Advisory Services, IT Security

Pokemon Go is just the latest example in a growing list of smartphone security breaches. It has been reported that some users may have inadvertently compromised their phone when they downloaded the application by giving hackers access to their gmail accounts. In addition to the compromised gmail accounts, there are instances of hackers being able to take remote control of the smartphone.

According to the Pew institute, 72% of Americans own a smartphone. For 18 to 34 year olds, ownership jumps to 92%1. Clearly this age group has reached a new level of integration with the public internet, but how connected are they to security? Nearly half of iPhone owners are not using the security features included with their phone according to a publication on February 26, 2016 by Duo Labs2. A similar finding was discovered for Android phones according to a report published by Inside BlackBerry on May 12, 2016. This article also stated that 90% of Android users use only one device for both business and personal use3.

There are daily reports of attacks against personal or corporate laptops, desktops, and networks, but rarely their smartphones. Are we ignoring security protocols in one of the fastest growing technical environments?

Just as with other traditional networked devices, individuals and corporations need to take steps to ensure that their smartphones are secure. The same basic steps that you take to harden laptops or servers should also be followed to secure your smartphone. Start by choosing strong passwords, encrypting data residing on the phone, and installing quality antivirus software. These steps are not meant to be followed once, instead they should be constantly updated, especially in regards to changing your passwords.

Smartphones present inherent security risks that other devices do not, such as GPS location, cameras, insecure WiFi connection and autoconnect, and mobile banking. These devices not only contain the majority of our personal data, but they can also track our every move. An argument could be made that the most important device to secure is the smartphone, but the research shows that it is still one of the least secure.

The smartphone is a company’s weakest device operated by a company’s weakest link, their employee. This is creates an incredible variety of attack vectors for a hacker to gain access to employee and corporate data.

1. February 22, 2016 Pew Center Research “Smartphone Ownership and Internet Usage Continues to Climb in Emerging Economies” by Jacob Poushter. (http://www.pewglobal.org/2016/02/22/smartphone-ownership-and-internet-usage-continues-to-climb-in-emerging-economies/)

2. February 26, 2016 Duo Labs “Duolytics: Half of iPhones Running Most Secure Authentication Scheme” (https://duo.com/blog/duolytics-half-of-iphones-running-most-secure-authentication-scheme)

3. May 12, 2016 Inside BlackBerry “Despite Data Security Fears, One in Six Android Users Don’t Know About Android Security Patches: BlackBerry Survey” (http://blogs.blackberry.com/2016/05/despite-data-security-fears-one-in-six-android-users-dont-even-know-about-android-security-patches-blackberry-survey/)

Tags: Penetration Testing
Share
0
Don Lander

About Don Lander

Joining the firm in 2014, Don is a Project Manager. Prior to joining the firm, Don was an IT Implement manager for a number of major financial services corporations in the Boston and Providence area for the past 25 years.

You also might be interested in

OCD Tech to Speak for BrightTALK on Emerging Threats

Aug 9, 2016

On December 6th, 2016, two members of our team, Nick[...]

$650,000 HIPAA Fine

Jul 6, 2016

In a landscape-shaping turn of events, the first HIPAA Business[...]

Vulnerability_Assesment vs. Penetration_Testing

Vulnerability Assessment vs. Penetration Testing

Aug 2, 2016

In the world of IT Security, one question consistently rises[...]

Find us on

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Send Message
OCD Tech logo Audit. Security. Assurance.

IT Audit | Cybersecurity | IT Assurance | IT Security Consultants – OCD Tech is a technology consulting firm serving the IT security and consulting needs of businesses in Boston (MA), Braintree (MA) and across New England. We primarily serve Fortune 500 companies including auto dealers, financial institutions, higher education, government contractors, and not-for-profit organizations with SOC 2 reporting, CMMC readiness, IT Security Audits, Penetration Testing and Vulnerability Assessments. We also provide dark web monitoring, DFARS compliance, and IT general controls review.

Contact Info

  • OCD Tech
  • 25 BHOP, Suite 407, Braintree MA, 02184
  • 844-623-8324
  • https://ocd-tech.com

Follow Us

Videos

Check Out the Latest Videos From OCD Tech!

Services

SOC Reporting Services
– SOC 2 ® Readiness Assessment
– SOC 2 ®
– SOC 3 ®
– SOC for Cybersecurity ®

IT Advisory Services
– IT Vulnerability Assessment
– Penetration Testing
– Privileged Access Management
– Social Engineering
– WISP
– General IT Controls Review

IT Government Compliance Services
– CMMC
– DFARS Compliance
– FTC Safeguards vCISO

Industries

  • Financial Services
  • Government
  • Enterprise
  • Auto Dealerships

© 2025 — OCD Tech: IT Audit - Cybersecurity - IT Assurance

  • OCD Tech
  • About Us
  • Contact Us
Prev Next