The Best Practices for Improving Mobile Device Security on Your Network
Require Screen Lock
Enabling a strong password authenticated screen lock is a widely recognised best practice for securing mobile devices, whether they are corporate or personal. Despite this, we continue to observe a significant number of people and businesses neglecting this important security measure. Some individuals prioritise ease and convenience over security, preferring not to enter a screen lock code each time they access their device, while others may forget or overlook this step altogether.
Research by groups like Pew Research Center have previously reported that 28% of smartphone owners do not use screen locks or other security features such as Fingerprint or Facial Recognition to access their devices. A report by Duo revealed that 1 in 3 Android devices lack passcodes on their lock screens, compared to 1 in 20 on Apple devices. Additionally, over the past two years, research found that 5% of users have not enabled or configured screen locks on their devices.
Shut Out Tampered Devices
There are various reasons why people choose to jailbreak their devices, including legitimate research and development purposes, curiosity or the want to access features they may not normally have access to, or malicious intentions. Bad actors often aim to carry out attacks without being detected or identified, and jailbreaking (or rooting) their device allows them to conceal their identity and device information with false data. However, regardless of the motivation, jailbreaking a device means that the security model of the mobile device operating system can no longer be considered trustworthy. Likewise, when jailbreaking devices, this also prevents them from getting security patches when the latest vulnerabilities are discovered.
Similar to the issue of screen locks, tampered devices are a common problem worldwide. It is challenging to determine the exact number of jailbroken devices, but Pingdom estimates that as many as 8.5% of iOS devices worldwide may be jailbroken. The popularity of jailbreaking among users is also evidenced by the 658,000 members of a subreddit dedicated to jailbreak, where tips and discussions on jailbroken devices are shared.
As for Android devices, security experts from Verimatrix have reported that as many as 36 out of every 1000 Android devices globally are rooted or have some form of jailbreak. However, this does not include devices with applications that have been ‘side loaded’ which avoid Google Play Store app verification, which is expected to be 20% (or more) of Android users.
Enable full-disk encryption
It’s important to care about whether mobile devices are encrypted and whether non-encrypted devices are accessing your applications for several reasons. Data is stored on a device’s memory, either automatically from apps or manually by a user. This means that some of your organization’s critical data could be saved on a device’s memory or memory card. Leaving the device unencrypted increases the risk of potential bad actors gaining easy access to that sensitive data if the device falls into the wrong hands.
As organisations increasingly use more mobile devices, there is also an increase in security vulnerabilities. For example, lost or stolen devices can pose a risk, and such incidents may go unreported. According to Verizon’s 2022 Data Breach Investigation, 82% of breaches involved a Human Element, and there has been a 13% increase in ransomware on mobile devices, which is more than the last five years combined.
Get in touch with us here at One2Call to find out how to improve your Mobile Device Security throughout your business:
Main Number: 0333 313 77 73
Email Address: [email protected]
Latest News Stories
Greece’s Education System Hit By ‘Largest Ever’ Cyber Attack
Greece's Education Ministry has been subjected to an unprecedented cyber attack, described as the most extensive in the country's history. The malicious attempt aimed to disrupt the centralised high school examination platform known as the “Subject Bank”. The Subject...
Celebrating our Local Football Teams
In a remarkable turn of events that has sent waves of jubilation throughout the Sheffield region, both Sheffield Wednesday and Sheffield United football clubs have secured their respective promotions in the 2022-2023 season. This is a tremendous achievement for both...
Rochester Schools Still Suffering 1 Month After Cyber Attack
Rochester Public Schools, based in Minnesota, was hit by a significant ransomware attack on 6th April 2023, disrupting its operations and affecting thousands of students, teachers, and staff members. The attack was first detected at 4:30 a.m. by a member of their IT...
Our Customers
Testimonials
Jake, Opus UK
Closing tickets faster than I can submit them.
Danielle, Tremark Associates Ltd
Jordan dealt with both my issues quickly and were both sorted within the hour.
LFP Financial Planning
Excellent speedy service! Thank you for your help.