National Cyberspace Security Awareness Month is an opportunity to engage and inform the community about cybersecurity. During October, the UM Information Technology department will share important information, tips, and resources that will focus on different cybersecurity issues, including cybercrime, mobility, and online safety.
This week, UMIT focuses on mobile security. Mobile devices, such as smartphones and tablets, are dominating the IT landscape. In the first quarter of 2013, there were over 6 billion mobile subscriptions worldwide. Statistics reveal that 85 percent of consumers use the same device for personal and professional purposes, which has caused organizations to face mounting regulatory compliance mandates and security issues.
Currently, it is estimated there are 113 lost or stolen mobile devices each minute. Most mobile devices contain substantial amounts of sensitive data—both business and personal. In 2011 $48 billion was lost in the U.S. alone due to data breaches (22 percent health care, 20 percent education). Twenty-eight percent of the breaches, resulting in data leakage, were attributed to lost or stolen mobile devices. Remarkably, 92 percent of security breaches are avoidable. Effective ways of avoiding the risk of a security breach include updating your mobile software, implementing data access control, utilizing secure data backup, and using encryption.
Where should you start?
Keep your Hardware Up-to-date
Mobile devices are computers with software that needs to be kept up-to-date (just like your PC or laptop). Mobile device manufacturers and application vendors regularly issue updates to fix known security and performance issues. It is important to ensure your devices have the latest versions of these updates, including operating system and/or application patches.
Protect Sensitive Information
Adopt the following practices to protect data on your mobile device(s):
- Secure your device using a strong passcode to lock your mobile device(s).
- Keep your device physically secure while traveling.
- Avoid keeping sensitive data on your device, and when you do store such data, limit the quantity and time it’s maintained on the mobile.
- Always use encryption when backing up your device.
- Only keep geo location, Bluetooth, and Wi-Fi features on your mobile devices active when you are using them. Be aware that social networking sites may automatically post your location if you have geo location enabled. Learn how to disable the geotagging feature on your phone at http://icanstalku.com/how.php#disable.
- Don’t click on links in emails or text messages unless you trust the sender and were expecting to receive a link from them. As with larger computers, malware, spyware and phishing attacks against mobile devices are often initiated by clicking on links.
- Be aware of the signs of potential compromise of your mobile device including decreased device performance, random functions, or calls, texts or emails to numbers and email addresses you don’t recognize.
- Report your device lost or stolen as soon as you are aware so that you may leverage the remote wipe capabilities to prevent the unauthorized disclosure of data.
Connect with Care
Use common sense when you connect. If you’re online through an unsecured or unprotected network, be cautious about the sites you visit and the information you release.
- Get savvy about Wi-Fi hotspots: Limit the type of business you conduct and adjust the security settings on your device to limit who can access your phone.
- Protect your financial information: When banking and shopping, check to be sure the site is security enabled. Look for Web addresses that begin with “https://” or “shttp://”, which means the site takes extra measures to help secure your information. (“Http://” is not secure.)
- When in doubt, don’t respond. Fraudulent texting, calling, and voicemails are on the rise. Just like email, requests for personal information or for immediate action are almost always a scam.
Protect others’ privacy
Adopt the following practices to protect others’ privacy.
- Avoid taking photographs while within the workplace, especially in a health care setting, unless it’s part of an approved operating procedure.
- Obtain permission before taking pictures or videos of others with your mobile device.
- Even with permission to photograph, you may be inadvertently capturing images with sensitive pictures, text, etc. in the background. Review photographs to ensure potentially sensitive information is not being inadvertently revealed.
If you have questions or concerns related to this topic, please contact email@example.com.