www.sophos.com/loveyourphone Mobile device security Practical advice on how to keep your mobile device and the data on it safe
Mar 30, 2015
www.sophos.com/loveyourphone
Mobile device security
Practical advice on how to keep your mobile device and the data on it safe
www.sophos.com/loveyourphone
Air, water, food… mobile devicesMobile devices are now an integral part of our lives
www.sophos.com/loveyourphone
72%growth in worldwide
smartphone sales in 2010
400x• September 2009 - 0.02%• January 2011 - 8.09%
increase in UK web traffic from a mobile device31%
of US cell phone users own smartphones
mobile devices sold in 2010
1.6 billion
Huge growth in smartphone use
www.sophos.com/loveyourphone
And they’re taking over from PCs
28%of tablet users use the device as their primary computer
of all UK website traffic (not just mobile)
4.5%iPhone traffic responsible for
www.sophos.com/loveyourphone
“If a smartphone lives up to what it
should be then it is something, as
human beings, we will have an
emotional relationship with because
it's there all the time, it's our window
on the world, it's our mouthpiece, it's
everything we are and have. ‘My life
is in there’ you hear people scream.”
– Stephen Fry
My life is in there
www.sophos.com/loveyourphone
So how did we get here?Mobile devices are developing quicker than ever before:
1st cell phone
call
1973
1st
person-to-person SMS
message
1993
1st internet use
on a cell phone
1999
1st
Windows tablet PC launched
2001
1st
BlackBerry launched
2002
1st iPhone
launched
2007
1st
Android OS
launched
2008
20between 1st cell phone call and 1st SMS
years 6between 1st SMS and 1st internet use on a cell phone
years 1yearbetween 1st iPhone and 1st Android OS
www.sophos.com/loveyourphone
Blurring the home-work boundaries
• Accessing personal websites from work devices
• Reading work emails on personal devices
• Accessing corporate systems outside the office
Whoever owns the device, with smartphones and tablets the boundaries between personal and work use merge.
www.sophos.com/loveyourphone
• Work from any location• Work at any time• Reduced operating costs• People prefer them
• Greater productivity• Greater flexibility• Increased response times• Happier staff
The benefits of mobile devices at work
www.sophos.com/loveyourphone
Lost or stolen devices
Mobile malware (e.g. viruses)
Data loss
Financial theft
But it’s not all good news
Which in turn lead to:Mobile security risks include:
Lost or stolen devices
Mobile malware (e.g. viruses)
Data loss
Financial theft
www.sophos.com/loveyourphone
Lost or stolen devices
Unattended device
Unauthorized access
Data theft
www.sophos.com/loveyourphone
Mobile malware
• 2010: Google removed banking malware that had gathered information on more than 1m Android users
• 2011: Zeus malware for Android steals financial data
• But it will be come a major threat in the future.
Mobile malware (e.g. malicious apps, Trojans etc.) is still in its infancy. But it does exist and the focus is on data theft:
www.sophos.com/loveyourphone
Data = £ $ € ¥Criminals can convert data to money in many different ways:
Bank detailsSteal money
Make fraudulent purchases
Sell to other criminals
Email addressesSell to spammers
Personal identitiesMake fraudulent purchases
Sell to other criminals
Company dataBlackmail
Sell to other parties
Steal money
Make fraudulent purchases
Sell to other criminals
Sell to spammers
Make fraudulent purchases
Sell to other criminals
Blackmail
Sell to other parties
www.sophos.com/loveyourphone
Your contacts?
Your work emails?
Your bank account?
Your online store accounts?
Your company’s data?
Your holiday plans?
Your photos?
Your contacts?
Your work emails?
Your bank account?
Your online store accounts?
Your company’s data?
Your holiday plans?
Your photos?
How secure are your devices?If your personal or work devices fell into the wrong hands, what could people access?
www.sophos.com/loveyourphone
Widespread lack of awareness
89%unaware that smartphones can transmit confidential payment information such as credit card details without the user being prompted
65%worry more about security on their laptop or desktop PC than their mobile device
67%do not use keypad locks or passwords
www.sophos.com/loveyourphone
How to secure your mobile... and your life
As a basic rule, consider your device like your computer
www.sophos.com/loveyourphone
For individualsSecure your device
Always lock it
Apply a complex passcode
Shield your passcode
Apply the latest patches
Prevent malware infection
Don’t click on unsolicited links
Think before downloading apps
Be data aware
Be careful what you share
Encrypt sensitive data
Stay compliant
Always lock it
Apply a complex passcode
Shield your passcode
Apply the latest patches
Don’t click on unsolicited links
Think before downloading apps
Be careful what you share
Encrypt sensitive data
Know and follow your organization’s security policies
Don’t “jailbreak” or “root”Don’t “jailbreak” or “root”
www.sophos.com/loveyourphone
For organizations
Define what’s OK: devices, OS, versions
Get visibility of connected devices and data usage
Secure the device: require passcodes, control apps, remote management
Secure email access
Create mobile security policy
Deal with lost or stolen phones
Enable the user to manage their own device
Define what’s OK: devices, OS, versions
Get visibility of connected devices and data usage
Secure the device: require passcodes, control apps, remote management
Secure email access
Create mobile security policy
Deal with lost or stolen phones
Enable the user to manage their own device
www.sophos.com/loveyourphone
Near Field Contact (NFC)
The digital wallet
Augmented reality
Watch this space!
Near Field Contact (NFC)
The digital wallet
Augmented reality
Watch this space!
What’s next for mobile devices?
www.sophos.com/loveyourphone
www.sophos.com/loveyourphone