The Best Practices for Improving Mobile Device Security on Your Network
Require Screen Lock
Enabling a strong password authenticated screen lock is a widely recognised best practice for securing mobile devices, whether they are corporate or personal. Despite this, we continue to observe a significant number of people and businesses neglecting this important security measure. Some individuals prioritise ease and convenience over security, preferring not to enter a screen lock code each time they access their device, while others may forget or overlook this step altogether.
Research by groups like Pew Research Center have previously reported that 28% of smartphone owners do not use screen locks or other security features such as Fingerprint or Facial Recognition to access their devices. A report by Duo revealed that 1 in 3 Android devices lack passcodes on their lock screens, compared to 1 in 20 on Apple devices. Additionally, over the past two years, research found that 5% of users have not enabled or configured screen locks on their devices.
Shut Out Tampered Devices
There are various reasons why people choose to jailbreak their devices, including legitimate research and development purposes, curiosity or the want to access features they may not normally have access to, or malicious intentions. Bad actors often aim to carry out attacks without being detected or identified, and jailbreaking (or rooting) their device allows them to conceal their identity and device information with false data. However, regardless of the motivation, jailbreaking a device means that the security model of the mobile device operating system can no longer be considered trustworthy. Likewise, when jailbreaking devices, this also prevents them from getting security patches when the latest vulnerabilities are discovered.
Similar to the issue of screen locks, tampered devices are a common problem worldwide. It is challenging to determine the exact number of jailbroken devices, but Pingdom estimates that as many as 8.5% of iOS devices worldwide may be jailbroken. The popularity of jailbreaking among users is also evidenced by the 658,000 members of a subreddit dedicated to jailbreak, where tips and discussions on jailbroken devices are shared.
As for Android devices, security experts from Verimatrix have reported that as many as 36 out of every 1000 Android devices globally are rooted or have some form of jailbreak. However, this does not include devices with applications that have been ‘side loaded’ which avoid Google Play Store app verification, which is expected to be 20% (or more) of Android users.
Enable full-disk encryption
It’s important to care about whether mobile devices are encrypted and whether non-encrypted devices are accessing your applications for several reasons. Data is stored on a device’s memory, either automatically from apps or manually by a user. This means that some of your organization’s critical data could be saved on a device’s memory or memory card. Leaving the device unencrypted increases the risk of potential bad actors gaining easy access to that sensitive data if the device falls into the wrong hands.
As organisations increasingly use more mobile devices, there is also an increase in security vulnerabilities. For example, lost or stolen devices can pose a risk, and such incidents may go unreported. According to Verizon’s 2022 Data Breach Investigation, 82% of breaches involved a Human Element, and there has been a 13% increase in ransomware on mobile devices, which is more than the last five years combined.
Get in touch with us here at One2Call to find out how to improve your Mobile Device Security throughout your business:
Main Number: 0333 313 77 73
Email Address: [email protected]
Latest News Stories
Emily Laycock, CFS Formations
Very friendly and helpful over the telephone. Engineers worked fast to fix our issues.
Rob Watt, Straaltechniek
Quick and easy. Pawel always great to deal with.
Hannah, Sutton McGrath Hartley
Easy to get in touch with, very efficient in responding and quick to provide assistance.