In two weeks, the security community will flock to San Francisco for this year’s RSA Conference. With two-thirds of Internet users now accessing the Internet via their mobile devices daily and mobile malware reportedly up over 185 percent in 2012, the hottest topic on the docket is mobile security.
Whether you’re attending RSA or just curious about what the experts are saying, here are six tips for protecting your mobile identity (and privacy) in 2013:
1. Use a password (duh)
Yes, we’ve all heard that someday passwords might be replaced by retina scans. But for now, password management should top the list of security threat countermeasures for businesses and consumers alike. In fact, implementing a passcode on your device is probably the strongest deterrent to a would-be hacker. Surprisingly, many people omit the easiest and quite possibly the most effective security mechanism there is.
Once someone gets access to your device, they have access to personal information on the device and, in many cases, the applications and the data in those applications, including emails.
Corporations are still waking up to the reality that they have to implement mobile device management (MDM) software to protect company devices or BYOD devices. For businesses, most MDM solutions offer the ability to reset passwords if the device has been compromised or even wipe the device clean so that the thief can’t get access to sensitive data.
2. Antivirus for all devices
Antivirus software is commonplace for desktop and home computers. Most users realize that antivirus software can provide continuous protection against viruses and malware that penetrate desktops or servers. But installing antivirus software on mobile devices is a relatively new concept — even though it protects mobile devices in a similar fashion.
Many of the traditional providers of antivirus software, like McAfee, Trend Micro and Symantec, offer mobile antivirus software that can protect your mobile devices from a multitude of potential security hazards.
3. Try two-factor authentication
Surfing websites, transacting online and accessing web-based applications opens you up to exponentially more security threats. Two-factor authentication (2FA) is the safest way to surf and conduct business online. Not all sites and applications support 2FA, and those that do are often optional, but it is safest to enable 2FA whenever available.
For example, did you know that Gmail offers 2FA? For users with 2FA Gmail enabled, when logging in, they will be prompted for a password and be sent a passcode to their device, which is required as a second “factor” in order to gain access to their account.
And if Twitter is jumping on board after its own public debacle last week, you might strongly think about it too.
4. Remotely disable devices
Other functions that are often not set up are the “remotely disable” features. Actually, apps like Find My iPhone (or iPad, or Mac) have many features that can immediately secure a lost or stolen device and even help you recover it. Find My iPhone “lost mode” will allow you to lock the device and send it a message with your contact number.
If they haven’t already, corporate IT departments should implement MDM software that will allow them to manage thousands of devices at a time from multiple manufacturers. For many industries, this may be more than just being prudent — it may be the law.
5. Accept those mobile updates…fast!
Vendors are increasingly focused on security in light of recent high-profile breaches. As a result, they are working fast and furious to deliver security updates. Unfortunately, users don’t update their mobile operating systems and applications in a timely manner.
Google is turning out Android updates, yet it often takes a considerable amount of time for the handset manufacturers to integrate the new releases with its devices. Same with applications; updates go unnoticed for far too long. MDM software can make it easy for companies to track software updates and distribute them automatically to users.
6. Jailbroken = less secure
Users “jailbreak” phones for many reasons, including gaining access to applications outside the manufacturers’ app store or to use the phone with different carriers. Unfortunately, jailbreaking can mean compromising the device’s built-in security defenses.
Installing unauthorized applications and modifying the mobile operating system can introduce viruses and malware to the environment. Users should refrain from jailbreaking devices to maintain security. And companies should utilize MDM software to monitor employees’ devices and block attempts to jailbreak their devices.
Raj Sabhlok is the president of Zoho Corp., which is the parent company of Zoho.com and ManageEngine. Follow him @rajsabhlok
The post 6 mobile security screw-ups you’re (probably) guilty of appeared first on ManageEngine Blogs.
The original article/video can be found at 6 mobile security screw-ups you’re (probably) guilty of