Protecting smartphones is a priority for companies, and it should be for users too. Every time we use the mobile to do more things, it is an increasingly important target for cybercriminals.
Do you go with your smartphone everywhere? Next to the bedside table while you sleep, do you always have it at hand? When you leave home, do you prefer to leave your wallet behind than your mobile? Do you have your bank details and financial information stored on your mobile? And the car and house keys, do you also carry them on your mobile? Finally, do you feel that your smartphone has become an extension of your hand and your mind? If you answered yes to most of these questions, you should start looking for help or keep reading.
With iOS and iPadOS 15, you can incorporate digital copies of your driver’s license and your documentation, whether work, study, or official, along with credit cards, into your Apple Wallet. Also, you can show your digital ID and your boarding passes on your iPhone or Watch when you are at the airport security control to access your flight. Furthermore, also, you can transfer a duplicate of your COVID inoculation card to your portable since an ever increasing number of eateries, and indoor scenes require verification of immunization to get entrance. Without a doubt, soon, you will be able to leave your ‘physical’ wallet and keys at home and go everywhere with your mobile device.
Unfortunately, cybercriminals today use both physical and virtual vectors to attack mobile devices, so protecting smartphones is critical. Threat actors want to control your device’s processing power, which they can use to mine cryptocurrency, participate in mobile botnets to send phishing messages, steal your data and sensitive information (including login ), display malicious advertisements, performing Distributed Denial of Service (DDoS) attacks on websites, or cyber espionage. These cybercriminals aim to steal mobile identities, digital wallets, and financial account information to sell to hackers on the ‘dark web.’
We can only take a deep breath and fight hard against these threat actors in this situation. We recommend you follow these best practices to protect smartphones, both physically and virtually, by applying multiple layers of protection.
- Activate your device’s screen lock with biometric authentication such as iOS Face ID, Fingerprint, Android Face Unlock, or Samsung Iris Unlock. This is the first barrier that the hacker will try to jump if your mobile is lost or stolen.
- Enable file-based encryption. This feature is activated automatically as soon as a strong access code is created, from which the data protection process for file-based encryption starts. This is the second barrier that a threat actor must deal with.
- Never share your credentials with anyone and enable multi-factor authentication (MFA) for your online accounts and remote access services, such as virtual private networks (VPNs). It uses more secure authentication factors based on inherence (biometrics), possession, and context (location and time of day), not ‘knowledge’ factors such as passwords or PINs.
- Try not to connect to unsecured Wi-Fi networks. If you must do it in public spaces, such as the airport or the hotel, keep a VPN active.
- Regularly update your operating system and applications.
- Install a mobile threat defense (MTD) on all your mobile devices, preferably with advanced detection and protection capabilities at the device, application, and network levels, including antiphishing protection for email, attachments, and text messages.
- Download just applications from the iOS App Store or Google Play. If your company uses a Unified Endpoint Management (UEM) platform, the IT administrator can deploy the company’s ‘app store’ or silently install work apps on the managed device. If your device is lost or stolen, UEM can remotely lock or wipe it, safeguarding your data.
- Do not jailbreak or root your mobile devices. By doing so, you remove the native protections of the device and allow malicious exploits to be installed that will take control of it.
- Back up important data to your desktop, or upload it to your trusted cloud storage service.
- With the ongoing pandemic and resurgence of COVID, we spend much of our time at home. I use a home firewall with an intrusion prevention system activated in front of my wireless router. There are free, open-source firewalls that you can install and run on an older PC, with easy-to-follow online instructions.
Read More: Basic mobile security tips
Use common sense to protect smartphones from cyber criminals, just like you would if you had to protect your wallet and valuables from thieves. Go one step further and implement these more aggressive measures to cover all your mobile devices. Undoubtedly, more to the value of the confidential data and the irreplaceable content that your device may contain than the cost of its replacement.