The Best Practices for Improving Mobile Device Security on Your Network
Require Screen Lock
Enabling a strong password authenticated screen lock is a widely recognised best practice for securing mobile devices, whether they are corporate or personal. Despite this, we continue to observe a significant number of people and businesses neglecting this important security measure. Some individuals prioritise ease and convenience over security, preferring not to enter a screen lock code each time they access their device, while others may forget or overlook this step altogether.
Research by groups like Pew Research Center have previously reported that 28% of smartphone owners do not use screen locks or other security features such as Fingerprint or Facial Recognition to access their devices. A report by Duo revealed that 1 in 3 Android devices lack passcodes on their lock screens, compared to 1 in 20 on Apple devices. Additionally, over the past two years, research found that 5% of users have not enabled or configured screen locks on their devices.
Shut Out Tampered Devices
There are various reasons why people choose to jailbreak their devices, including legitimate research and development purposes, curiosity or the want to access features they may not normally have access to, or malicious intentions. Bad actors often aim to carry out attacks without being detected or identified, and jailbreaking (or rooting) their device allows them to conceal their identity and device information with false data. However, regardless of the motivation, jailbreaking a device means that the security model of the mobile device operating system can no longer be considered trustworthy. Likewise, when jailbreaking devices, this also prevents them from getting security patches when the latest vulnerabilities are discovered.
Similar to the issue of screen locks, tampered devices are a common problem worldwide. It is challenging to determine the exact number of jailbroken devices, but Pingdom estimates that as many as 8.5% of iOS devices worldwide may be jailbroken. The popularity of jailbreaking among users is also evidenced by the 658,000 members of a subreddit dedicated to jailbreak, where tips and discussions on jailbroken devices are shared.
As for Android devices, security experts from Verimatrix have reported that as many as 36 out of every 1000 Android devices globally are rooted or have some form of jailbreak. However, this does not include devices with applications that have been ‘side loaded’ which avoid Google Play Store app verification, which is expected to be 20% (or more) of Android users.
Enable full-disk encryption
It’s important to care about whether mobile devices are encrypted and whether non-encrypted devices are accessing your applications for several reasons. Data is stored on a device’s memory, either automatically from apps or manually by a user. This means that some of your organization’s critical data could be saved on a device’s memory or memory card. Leaving the device unencrypted increases the risk of potential bad actors gaining easy access to that sensitive data if the device falls into the wrong hands.
As organisations increasingly use more mobile devices, there is also an increase in security vulnerabilities. For example, lost or stolen devices can pose a risk, and such incidents may go unreported. According to Verizon’s 2022 Data Breach Investigation, 82% of breaches involved a Human Element, and there has been a 13% increase in ransomware on mobile devices, which is more than the last five years combined.
Get in touch with us here at One2Call to find out how to improve your Mobile Device Security throughout your business:
Main Number: 0333 313 77 73
Email Address: [email protected]
Latest News Stories
Businesses Exposed in MOVEit Data Breach targeted by Ransom Demand
The notorious cyber crime syndicate, believed to be stationed in Russia, known as the Clop group, has sent an ominous warning to victims of a recent global cyber attack. In a message posted on the dark web, the group has urged those impacted by the MOVEit hack to...
London School Forced to Shut Down Amid “Devastating” Cyber Attack
Leytonstone School, situated in Waltham Forest, London, has forced to shut its doors due to a severe cyber attack on the school. The assault on the school's IT infrastructure has been described as "devastating", resulting in a significant quantity of private data...
British Airways & Boots Staff Personal Data Exposed In Data Breach
In a recent disclosure by British Airways (BA), it was reported that all its UK-based staff have had their personal data exposed in a cyber attack. The information compromised in this security breach includes bank and contact details. This breach occurred following an...
The Willows School
What do we like – always polite, they always keep you in the loop, always professional over the phone and In person. great company.
Dawn Brown, V & P Solutions
Fast, efficient service – problem was quickly resolved.
You would think after using One2Call for over a decade I could have found a better Service Provider.