Unprotected Mobile Devices and Mobile Theft Epidemic

It is astonishing to know how many people do not password-protect their mobile devices for both business and personal use. There are more than 40% of mobile device users that are not using any passwords or security applications. If your mobile device is lost or stolen and it’s not password protected, your accounts and personal information is 100% accessible.  I wonder if users realize how vulnerable they are if their mobile devices  (Smart Phones or Tablets) are stolen or misplaced.  Cyber criminals are looking for weaknesses especially on Android platforms. My device is a Windows 8 business mobile phone pre-loaded with Microsoft Office, Banking, Public and Work Email Accounts, Cloud Storage (SkyDrive), Banking, Credit Card and Payment Apps requiring a log on. The thought of this information getting into the wrong hands is bothersome and the impact would be devastating.

Mobile theft is a growing issue that also affects businesses and consumers equally. Cell-phone theft in major cities (i.e. San Francisco, New York) has become a national crime epidemic. It will only take a few minutes for someone to steal all sensitive data stored in your mobile device which will be unfortunate and upsetting. Bring Your Own Device (BYOD) or it is now referred to Bring Your Own Disaster or/and Bring Your Own Apps Smartphones and Tablets are growing, make sure that security protocols are enforced to protect corporate data on all devices. Please read my BYOD Article here for best practices.

 

To prevent potentially embarrassing information falling into the wrong hands, don’t keep private information stored directly on your personal or business phone but store private information, photos or documents remotely or via cloud. Sometimes, storing data via cloud is neither viable option but it is convenient to most of us. It is still a good practice to store files locally and have them on hand in the event you can’t connect to the cloud for any reasons. If that’s the case, the precautionary step you might want to consider is enabling a password lock. Every mobile OS has a password lock feature such as iOS, BlackBerry OS, Windows, Android platforms that will allow you to set a PIN password or a more complex alphanumeric pass-code for the lock screen.

Best Practices to Protect/Secure Your Mobile Devices and Control Theft Epidemic:

  • Password protect all your mobile devices and do not use easy to remember passwords.
  • Never use the “remember me” function on your apps or mobile web browser, and make sure to log out of your accounts.
  • Do not share your PIN/Passwords with anyone, even with a family or close friends.
  • Reading online resources to keep you educated on the latest techniques/means to protect your mobile device is vital.
  • Implement best practices to protect corporate networks and allow consumers to download music, store digital files, bank, shop, surf and search safely.

 

Securing Mobile Devices on Bring Your Own Device (BYOD)

With a myriad of mobile devices being used on a variety of new platforms (Android, Windows 8, iOS 6, etc.) – IT Professionals are beginning to raise concerns on how to manage and secure these devices. With more of the device processing occurring outside the company, these concerns are critical. What if an employee handed their company phone to another employee? In today’s environment, this second employee could take advantage of the situation and use the phone for non-approved activities. This could create significant employment issues for the first employee. On another level, there’s the potential threat from mobile malware that’s becoming more prevalent.

owndevice

Some businesses are seeing Employees bringing their own Droids, iPhones, iPads, and other Tablets to work and using them for personal and business purposes. While this may generate the perception that it’s e great for productivity, the invasion of personal smartphones and tablets in the workplace can cause a significant risk to your organization’s security. Without having a proper strategy you could be at risk.

When employees are given carte blanche on the corporate network with their mobile devices (installing Apps and use of Cloud storage), there is a significant potential for corporate data loss. Any time a phone is lost, stolen, or even simply sold or exchanged, the potential for compromising of data may occur. This can be prevented by implementing encryption, password restriction, and remote wipe and lock thru a Mail Server.

byod1

It’s vital for IT Professional to secure access to corporate data. Bring Your Own Device (BYOD) or personal and corporate use can be managed by using third-party software (listed below) to secure data in your wireless phone and company. Investing in a Mobile Device Management (MDM) solution that controls which devices can access specific applications on your network is a smart decision. By taking precautionary steps, files are secured with the highest encryption for file sharing.

On July 10, 2013, I was given an opportunity to attend an IT Security Seminar and have met some of these top MDM Vendors.

AirWatch
BoxTone
Eset Mobile Security
Exitor
FancyFon
McAfee Enterprise Mobility Management
Mobile Active Defense
Symantec Mobile Management
Trend Micro Mobile Security

Why secure BYOD’s? It’s not the devices that are causing lots of the problems. The challenge is employees wanting to use their own device for both personal and professional business. This creates a host of security issues, as mentioned earlier, and the reason to implement controls and security measures.

The Do’s and Don’ts of Basic Internet and Network Security

How certain are you that no untrustworthy individuals or unauthorized activities can access your network? Are your network files safe? Do you have some security protection (software and hardware) to keep your vital documents safe in your computer? How important is it for you to guard all your Credit Card, Bank Account and other critical information stored in your computer?  Is your network secured with the highest encryption? Did you know that your network can be vulnerable from any unseen threats?

The Do’s:

1.  If you can afford to buy a Security Device (in addition to your router’s security features) like Sonicwall which is designed for small to large business use, it’s worth every penny and will protect your investments.  Sonicwall Appliance has advanced Content filtering  that will block unwanted ports, programs and sites,  fully configurable and advanced firewall or application firewall.  In addition, IPS protection, anti-virus, anti-spyware and mac address spoofing are great features of the Sonicwall Device.

Otherwise you may also block unwanted sites and ports from your router settings. The images that you will see in this Article are coming from a DLink Router. If you are using a different router other than D-Link,  the settings will have similar features.

 
 
 

2.   Protect your computer by using an Anti-Virus/Anti-Spyware Software and make sure that the update is set to automatic update.  There are a few free software that you may try such as Microsoft Security Essentials, Avast, AVG Free or check on line for a lot more options. Malwarebytes and SuperAntiSpyware are also Free and both an excellent Anti Malware and Anti Spyware protection.  Comodo and PCTools Firewall Plus are both great and Free Firewall software protection. If you want a paid solution I would recommend Eset Smart Security 5.

3.   Use  web browsing protection,  you may try programs like WOT (Web of Trust) and Browser Defender. Also,  you may try Rapport for preventing phishing, connections to fake websites and to protect your passwords.

4.  Use an adblocker program to block intrusive ads which can contain malicious scripts such as clickjacks or trojans containing a viral payload.  There are free programs that you may try such as Simple Adblock IE or Adblock plus for Firefox.

5.   If you do not use a third party firewall,  make sure that your computer’s built-in firewall and Windows Updates are enabled and verify that your computer stays current with all Windows Updates and Patches. You may enable both features from Control Panel\System and Security.

 

6.   Use WPA2 Network Security for your wireless network, if you are using a wired network and don’t have any broadband connections, there’s no need to worry about securing your network. Both WEP and WPA have been hacked, if you have an old wireless router that doesn’t support WPA2, you should consider replacing it since routers now have become very affordable.

 
 
 
7.  Enable Guest Zone in your router if your router supports this feature. You will be creating a separate SSID for your Guests and it is safer this way.
 
 
 
 
 8.  Install Secunia (PSI) – Having vulnerable and outdated programs installed in your computer is not a good practice.  Secunia helps keep track of these programs such as End of Life, Insecure and Patched programs.
 
 

9.   Encrypt your Files or/and Drives.  Windows 7 Enterprise, Windows 7 Ultimate, and  all editions of Windows Server 2008 R2 comes with Bitlocker . You may access Bitlocker from Control Panel\System and Security\BitLocker Drive Encryption.

 
 
10.   Password protect your files.  Microsoft Office (Word, Excel, Outlook) has a built-in tool to password protect each document and worksheet. How much information do you have stored in your Outlook, important emails, calendar, tasks, etc.  I have my own Article on how to password protect Outlook. http://www.techsupportforum.com/3599-how-to-password-protect-outlook-pst/
 
11.   Use complex passwords for routers and website authentication.  It’s a good practice to mix letters, numbers and symbols by using both uppercase and lowercase for letters.

The Don’ts:

1.     Don’t use simple passwords for your router’s Login or websites such as 1234 or 4321, 9999 or peoples names or date of birth.  Don’t use the router’s default Password,  this needs to be changed  immediately when you first setup your router.

2.     Avoid using the most dangerous keyword searching. http://us.mcafee.com/en-us/local/docs/most_dangerous_searchterm_us.pdf

3.      Avoid opening up email attachment from anyone that you don’t know. Do not open any .exe files. Be careful with scam and phishing email, it is best to delete any emails that look suspicious.
 
4.     Don’t disable the security features on your security devices or software.

5.     Don’t use the autocomplete feature in your web browser, this will remember your passwords entered.  It is convenient,  but security wise it’s not safe.

6.      Avoid using any P2P programs such as utorrent, Frostwire , Bittorrent etc…

7.      Do not enable DMZ Host in your Router, this will bypass the port-forwarding,  therefore it is very risky and be cautious and know the security risks in case that you have no option but enable this feature.

8.     Do not enable Remote Management in your Router; this can be easily enabled if  you need it.

 
 
  9.   Do not disable the password protection in your Cell Phone. Cell phones must be password protected because they can easily be stolen, lost or misplaced.  If you have a Microsoft Outlook synching on your phone, imagine all the critical information stored in your cell phones. If this is a business cell phone, inform your IT Dept right away because there’s a way to remotely wipe out all the data in your phone.
 

Now that you have read all the Do’s and Dont’s of Basic Internet and Security, and are aware of all the security threats and facts, it is best to practice all of the security measures.

Please take some time to read the documentation that came with your security device and Internet security software.

If you are in a network environment that utilizes the internet all day long or for a longer period of time, make sure that your router has some very strong security features, replace it and buy a new one if it’s too old. Something that you might want to consider doing is purchasing an additional security protection like Sonicwall Security hardware appliance especially if you are a business owner, rest assured that your network will be protected and not vulnerable to outside threats.

***A special ‘Thanks’ to Paul Campbell for his guidance and contribution  in completing this Article.***