In recent years, the global marketplace has seen an exponential increase in the number of smartphones and mobile devices in use. These devices are quickly becoming critical for staying connected - not only within our personal lives, but for conducting business outside the traditional walls of the dealership. As these devices become more commonplace, “Bring Your Own Device” (BYOD) policies are being adopted across all types of industries. These policies are designed to allow employees to utilize mobile devices they have personally purchased to connect to a corporate infrastructure for either cost or convenience. As these mobile devices proliferate and are used to access more sensitive and valuable data, they have become a popular target for attackers. It is important that these devices are secured properly to ensure the privacy and integrity of the data being accessed.
Mobile devices consist of any portable computing device, which has the ability to connect to a data network (typically wireless). This includes laptops, tablet computers, and smartphones, which run installed software applications to perform functions. The majority of these devices today use iOS or Google AndroidTM platform to run the installed software applications.
Tip #1: Don’t download unknown third party applications
Software applications that are available for download from a website, which is not part of the application marketplace hosted by the vendor (e.g. Google PlayTM store), are considered “Third Party.” These third party applications have not been assessed for security by the vendor and could therefore contain malicious software.
Tip #2: Keep device and application software up to date
Updates to software can contain patches which protect a device from known security vulnerabilities. It is important to keep device Operating System and application software up to date to ensure the system is as secure as possible.
Tip #3: Don’t connect to insecure public or unknown open wireless networks
Connecting to wireless networks which may not use appropriate encryption strength, or are unfamiliar to you may expose your communications to additional risk. Attackers may capture the traffic and decrypt it if the encryption is not strong enough or you are using an access point they control.
Tip #4: Do not root or jailbreak
The act of “Rooting” or “Jailbreaking” a phone occurs when a user obtains and installs Operating System software which has not been approved and distributed by the vendor. This software typically has been modified to circumvent security controls and other parameters with the intent of additional customization abilities. Weakening the security controls of any system adds unnecessary risk for infection of malicious software and/or data loss.
Tip #5: Lock screen passcode protection
Mobile devices may contain data that is sensitive in nature or may adversely impact the business should it be exposed. With the addition of lock screen passcode protection the risk of exposure to that data is minimized should a mobile device be lost or stolen.
As mobile devices blur the traditional boundaries of how, where, and what we access to conduct business it is important to maintain the security of mobile devices. The network is only as secure as its weakest device, and one infected device may be all it takes to impact operations, cause a breach, or potentially incur fees and fines.
© 2015 Google Inc. All rights reserved. Android and Google Play store are trademarks of Google Inc.