The Best Practices for Improving Mobile Device Security on Your Network
Require Screen Lock
Enabling a strong password authenticated screen lock is a widely recognised best practice for securing mobile devices, whether they are corporate or personal. Despite this, we continue to observe a significant number of people and businesses neglecting this important security measure. Some individuals prioritise ease and convenience over security, preferring not to enter a screen lock code each time they access their device, while others may forget or overlook this step altogether.
Research by groups like Pew Research Center have previously reported that 28% of smartphone owners do not use screen locks or other security features such as Fingerprint or Facial Recognition to access their devices. A report by Duo revealed that 1 in 3 Android devices lack passcodes on their lock screens, compared to 1 in 20 on Apple devices. Additionally, over the past two years, research found that 5% of users have not enabled or configured screen locks on their devices.
Shut Out Tampered Devices
There are various reasons why people choose to jailbreak their devices, including legitimate research and development purposes, curiosity or the want to access features they may not normally have access to, or malicious intentions. Bad actors often aim to carry out attacks without being detected or identified, and jailbreaking (or rooting) their device allows them to conceal their identity and device information with false data. However, regardless of the motivation, jailbreaking a device means that the security model of the mobile device operating system can no longer be considered trustworthy. Likewise, when jailbreaking devices, this also prevents them from getting security patches when the latest vulnerabilities are discovered.
Similar to the issue of screen locks, tampered devices are a common problem worldwide. It is challenging to determine the exact number of jailbroken devices, but Pingdom estimates that as many as 8.5% of iOS devices worldwide may be jailbroken. The popularity of jailbreaking among users is also evidenced by the 658,000 members of a subreddit dedicated to jailbreak, where tips and discussions on jailbroken devices are shared.
As for Android devices, security experts from Verimatrix have reported that as many as 36 out of every 1000 Android devices globally are rooted or have some form of jailbreak. However, this does not include devices with applications that have been ‘side loaded’ which avoid Google Play Store app verification, which is expected to be 20% (or more) of Android users.
Enable full-disk encryption
It’s important to care about whether mobile devices are encrypted and whether non-encrypted devices are accessing your applications for several reasons. Data is stored on a device’s memory, either automatically from apps or manually by a user. This means that some of your organization’s critical data could be saved on a device’s memory or memory card. Leaving the device unencrypted increases the risk of potential bad actors gaining easy access to that sensitive data if the device falls into the wrong hands.
As organisations increasingly use more mobile devices, there is also an increase in security vulnerabilities. For example, lost or stolen devices can pose a risk, and such incidents may go unreported. According to Verizon’s 2022 Data Breach Investigation, 82% of breaches involved a Human Element, and there has been a 13% increase in ransomware on mobile devices, which is more than the last five years combined.
Get in touch with us here at One2Call to find out how to improve your Mobile Device Security throughout your business:
Main Number: 0333 313 77 73
Email Address: [email protected]
Latest News Stories
Gmail Security Compromised: Verified Checkmark System Under Attack
Gmail's newly introduced security measure, the verified checkmark system for emails, has already been exploited by scammers to deceive users. The system was launched with the intent of identifying verified companies and organisations with a blue checkmark, providing a...
Hackers Steal Data from Cloud Transfer Platform
UPDATE, June 5th 2023: British Airways & Boots have confirmed that they are among serveral UK Businesses who have been effected by the MOVEit Data Breach. British Airways have also confimred that more than 34,000 Employee Details have been exposed as a result....
Idaho Hospitals Divert Ambulances after Cyber Attack
Earlier this week Idaho Falls Community Hospital, an established healthcare centre in eastern Idaho, was forced to divert ambulances to alternate hospitals for over a day due to a significant cyber attack on the hospital which was confirmed by the hospital...
Our Customers
Testimonials
Christine, Toutes Directions
You have a fabulous team at One2Call, they are all very knowledgeable and very helpful!
Janine Clerehugh-Owen, Matrix Business Park
Excellent service, immediate call out the following day after reporting issue.
Mick, Utility 360
They’re always so helpful and nothing is ever too much trouble!