Monday, February 5, 2018

What are the real mobile security threats? Part 3: How to protect?

In our 2 previous posts, we made a review of majors Network, Apps and configuration threats smartphone are facing.

So what can we do to protect ourselves against mobile threats?

There are a number of precaution one can take by himself, or that an organization can enforce using the appropiate tools.

Network threat defense

As we mentionned in part 1 of this post, public wifi are easy to use as a mean for Man in the midlle attacks using ARP Spoofing techniques. So the first thing is to protect yourself from public Wi-Fi networks:
    beware of unknown networks
  • It would be better never to use them, and in particular to disable the option of automatic connection to open Wifis.
  • If you connect to a public Wifi, protect yourself using a virtual private network (VPN), which allows all traffic to be hidden from the attacker.
  • Be cautious as well when connecting to a company networks: your provider or customer may be interested in your inside information.
Solutions like Samoby Mobile Security are able to detect ARP Spoofing attacks, or SSL spoofing, and notify you in real time and force the use of a VPN

The second great precaution is to avoid the use of non-secure connections:
  • Do not connect to websites that do not use certificates
  • heed the warnings of unsafe connections: accepting a certificate of unknown entity exposes to Man In The Middle attacks
  • Use a solution like Samoby Mobile Security that detects ARP Spoofing and when an attacker tries to use unreliable certificates.

App threats defense 

Following recommandations and conclusions in part 2 of this post, regarding applications there are several precautions that can be taken:
    Beware of unknown apps
  • never use unofficial apps stores,
  • let the apps update as often as possible
  • Avoid the use of applications that communicate their location publicly: snapshat, Strava, etc. You can even recommend deactivating the location for people whose activity is very sensitive.

Samoby Mobile Security allows you to validate that the installed apps are not in its database of Malware or applications with vulnerabilities. It also allows limiting the use of certain applications based on several criteria: Unofficial applications, dangerous applications, time, location, etc.

Configuration threats

Both apps and network threats protection also requires you to take care when configuring the device that you do not make the job easier for attackers. For what are the device configurations, the main measures to adopt are:
  • Always apply the last safety patch
  • Do not use "rooted" or "Jailbreaked" versions of the phone
  • Do not enable development or debug mode
  • Encrypt the phone data, enabling this option on the phone if it is not by default
  • Have a phone lock scheme or code that is automatically enabled when the phone is idle
  • Disable the installation of applications from unofficial stores
  • Disable the option of automatic connection to open Wifis.

Samoby mobile security
Samoby mobile Security allows a permanent Audit of the configuration, and establish lists of vulnerabilities such as:
  • old versions of OS or security patches not applied
  • Lists of potentially dangerous configurations, such as authorization to install applications from unknown sources, devices in debug mode, or rooted, etc.
  • List of applications on a device from unofficial stores,
  • List of applications installed in a vulnerable version
  • List of applications that use suspicious permissions: access to keys pressed, to camera, location, recorder, etc.

You can contact Samoby to ask for a demo of its mobile security solution.

No comments:

Post a Comment