Pokemon Go is just the latest example in a growing list of smartphone security breaches. It has been reported that some users may have inadvertently compromised their phone when they downloaded the application by giving hackers access to their gmail accounts. In addition to the compromised gmail accounts, there are instances of hackers being able to take remote control of the smartphone.
According to the Pew institute, 72% of Americans own a smartphone. For 18 to 34 year olds, ownership jumps to 92%1. Clearly this age group has reached a new level of integration with the public internet, but how connected are they to security? Nearly half of iPhone owners are not using the security features included with their phone according to a publication on February 26, 2016 by Duo Labs2. A similar finding was discovered for Android phones according to a report published by Inside BlackBerry on May 12, 2016. This article also stated that 90% of Android users use only one device for both business and personal use3.
There are daily reports of attacks against personal or corporate laptops, desktops, and networks, but rarely their smartphones. Are we ignoring security protocols in one of the fastest growing technical environments?
Just as with other traditional networked devices, individuals and corporations need to take steps to ensure that their smartphones are secure. The same basic steps that you take to harden laptops or servers should also be followed to secure your smartphone. Start by choosing strong passwords, encrypting data residing on the phone, and installing quality antivirus software. These steps are not meant to be followed once, instead they should be constantly updated, especially in regards to changing your passwords.
Smartphones present inherent security risks that other devices do not, such as GPS location, cameras, insecure WiFi connection and autoconnect, and mobile banking. These devices not only contain the majority of our personal data, but they can also track our every move. An argument could be made that the most important device to secure is the smartphone, but the research shows that it is still one of the least secure.
The smartphone is a company’s weakest device operated by a company’s weakest link, their employee. This is creates an incredible variety of attack vectors for a hacker to gain access to employee and corporate data.
1. February 22, 2016 Pew Center Research “Smartphone Ownership and Internet Usage Continues to Climb in Emerging Economies” by Jacob Poushter. (http://www.pewglobal.org/2016/02/22/smartphone-ownership-and-internet-usage-continues-to-climb-in-emerging-economies/)
2. February 26, 2016 Duo Labs “Duolytics: Half of iPhones Running Most Secure Authentication Scheme” (https://duo.com/blog/duolytics-half-of-iphones-running-most-secure-authentication-scheme)
3. May 12, 2016 Inside BlackBerry “Despite Data Security Fears, One in Six Android Users Don’t Know About Android Security Patches: BlackBerry Survey” (http://blogs.blackberry.com/2016/05/despite-data-security-fears-one-in-six-android-users-dont-even-know-about-android-security-patches-blackberry-survey/)
