The future of computers and communication lies with mobile devices, such as laptops, tablets and smartphones with desktop-computer capabilities. Their size, operating systems, applications and processing power make them ideal to use from any place with an internet connection. And with the expansion of ruggedized devices, the Internet of Things (IoT) and operating systems, such as Chrome OS, macOS and Windows 10, every piece of hardware that’s enhanced with this software and capabilities becomes a mobile computing device.
Because mobile devices have become more affordable and portable, organizations and users have preferred to buy and use them over desktop computers. And with ubiquitous wireless internet access, all varieties of mobile devices are becoming more vulnerable to attacks and data breaches.
Mobile devices have a much bigger attack surface than desktops, making them a more significant threat to corporate security. A desktop is immobile with threats mainly from outside attackers, but mobile devices are vulnerable to physical and virtual attacks. Users carry mobile devices with them wherever they go, so administrators must worry about more physical attacks (e.g., theft and loss) and virtual threats from third-party applications and Wi-Fi hotspots (e.g., man-in-the-middle attacks). Stationary desktops don’t move from the corporate network, making it easier for administrators to control network and endpoint security. With mobile devices, users can root them, add any app, and physically lose them.
Authentication and authorization across mobile devices offer convenience, but increase risk by removing a secured enterprise perimeter’s constraints. For example, a smartphone’s capabilities are enhanced by multi-touch screens, gyroscopes, accelerometers, GPS, microphones, multi-megapixel cameras and ports, allowing the attachment of more devices. These new capabilities change the way users are authenticated and how authorization is provided locally to the device and the applications and services on a network. As a result, the new capabilities are also increasing the number of endpoints that need protection from cybersecurity threats.
Today cybercriminals can hack into cars, security cameras, baby monitors and implanted healthcare devices. And by 2025, there could be more than 75 billion “things” connected to the internet — including cameras, thermostats, door locks, smart TVs, health monitors, lighting fixtures and many other devices.
For many of these reasons and more, corporations have a lot more overhead when creating strategies surrounding mobile devices. Even with the overhead, it’s a critical part of cybersecurity as mobile devices pose significant threats to data integrity.
Mobile security is the strategy, infrastructure, and software used to protect any device that travels with users, including smartphones, tablets, and laptops. Cybersecurity for mobile devices includes protecting data on the local device and the device-connected endpoints and networking equipment. As mobile devices continue to be a user preference over desktops, they will be bigger targets for attackers.
There are two main physical threats to a mobile device: data loss and theft. Natural disasters are also an issue, which would be the cause of data loss but not data theft. Lost data can be recovered, but data theft is an expensive issue for organizations. Mobile devices have lock screens to help stop data theft after a device is stolen, but the technology must be strong enough to prevent an attacker from bypassing the screen lock by removing the storage device and extracting the information.
Should the device be stolen, it should request a few PIN attempts to get only to the home screen before locking the phone. This security feature stops brute-force home screen PIN attacks. For devices with sensitive data, the company should use wipe applications that delete all data on the phone after several incorrect home screen PIN attempts. Encrypted storage drives stop attackers from exfiltrating data directly from the device by bypassing the PIN feature.
Administrators can block applications from being installed on a desktop, but a user with a mobile device can install anything. Third-party applications introduce several issues to mobile device security. Corporations must create a policy surrounding mobile devices to help users understand the dangers of installing unapproved third-party apps.
Mobile malware is undetected software, such as a malicious app or spyware, created to damage, disrupt or gain illegitimate access to a client, computer, server or computer network. Ransomware, a form of malware, threatens to destroy or withhold a victim’s data or files unless a ransom is paid to decrypt files and restore access.
Cryptojacking, a form of malware, uses an organization’s computing power or individual’s computer power without their knowledge to mine cryptocurrencies such as Bitcoin or Ethereum, decreasing a device’s processing abilities and effectiveness.
Older operating systems (OS) usually contain vulnerabilities that have been exploited by cybercriminals, and devices with outdated Oss remain vulnerable to attack. Manufacturer updates often include critical security patches to address vulnerabilities that may be actively exploited.
Mobile apps have the power to compromise data privacy through excessive app permissions. App permissions determine an app’s functionality and access to a user’s device and features, such as its microphone and camera. Some apps are riskier than others. Some can be compromised, and sensitive data can be funneled through to untrustworthy third parties.
Users should not be able to root their phones, but some do, rendering many of the internal operating system security controls unusable. Third-party applications running on rooted devices can disclose data to an attacker using a number of attack methods. Third-party applications can also have hidden malware and keyloggers embedded in the code. Anti-malware programs can be installed, but rooted devices leave even these applications open to malware manipulation.
With mobile devices – especially bring-your-own-device (BYOD) – they create a threat for the internal network. It’s not uncommon for malware to scan the network for open storage locations or vulnerable resources to drop malicious executables and exploit them. This can happen silently on a mobile device that isn’t adequately secured.
Unsecured wifi hotspots without a virtual private network (VPN) make mobile devices more vulnerable to cyberattack. Cybercriminals can intercept traffic and steal private information using methods such as man-in-the-middle (MitM) attacks. Cybercriminals can also deceive users into connecting to rogue hotspots, making it easier to extract corporate or personal data.
Administrators can force anyone with a BYOD to have antimalware installed, but it still does not ensure that the software is up to date. If the corporation offers public Wi-Fi hotspots for customers and employees, this too can be a point of concern. When employees connect to public Wi-Fi and transfer data where other users can read data, it leaves the network vulnerable to man-in-the-middle (MitM) attacks and possible account takeover if the attacker steals credentials.
Web-Based and Endpoint Threats
Mobile apps connect to data and internal applications using endpoints. These endpoints receive and process data, and then return a response to the mobile device. The endpoints and any web-based application add threats to the organization. Endpoints used by the application must be properly coded with authentication and authentication controls to stop attackers. Incorrectly secured endpoints could be the target of an attacker who can use them to compromise the application and steal data.
Because mobile devices have been increasingly more popular, some web-based attacks target these users. Attackers use sites that look like official websites tricking users into uploading sensitive data or downloading malicious applications. It’s not uncommon for an attacker to tell a user that they must download an app to view a video or other media source. Users download the app and don’t realize it’s a malicious app used to probe the devices for vulnerabilities and disclose data.
Components of Mobile Security
The core security requirements remain the same for mobile devices as they do for non-mobile computers. In general, the requirements are to maintain and protect confidentiality, integrity, identity and non-repudiation.
Organizations that use mobile devices have several options to protect them from attackers. Components in mobile security can be used to define cybersecurity strategies surrounding mobile devices. In addition to the infrastructure added to corporate strategy, it’s also important to create BYOD and mobile device policies that instruct users what can and cannot be installed on the device.
The following components will help any organization protect from attacks directed towards mobile devices:
Penetration scanners: Automated scanning services can be used to find vulnerabilities in endpoints. While this is not the only cybersecurity that should be used on endpoints, it’s the first step in finding authentication and authorization issues that could be used to compromise data.
VPN: A virtual private network (VPN) allows a company to securely extend its private intranet over a public network’s existing framework, such as the Internet. With a VPN, a company can control network traffic while providing essential security features such as authentication and data privacy. VPN alternatives installed on a mobile device will encrypt data from the device to the endpoint or from the device to the internal network.
Auditing and device control: While administrators can’t remote control a smartphone or tablet, they can require users to install remote wiping capabilities and tracking services. GPS can be used to locate a stolen device, and remote wiping software will remove all critical data should it be stolen.
Email security: Phishing is one of the biggest threats to all organizations. Email services are usually added to a mobile device so that users can obtain their email messages. Any phishing messages could target mobile devices with malicious links or attachments. Email filters should block messages that contain suspicious links and attachments.
A secure gateway is a protected network connection, connecting anything to anything. It enforces consistent internet security and compliance policies for all users regardless of location or device type used, and it keeps unauthorized traffic out of an organization’s network.
Cloud access broker
A CASB is a policy enforcement point between users and cloud service providers (CSPs). It monitors cloud-related activity and applies security, compliance and governance rules around cloud-based resources use.
Enterprise mobility management
EMM is a collective set of tools and technologies that maintain and manage how mobile and handheld devices are used within an organization for routine business operations.
Mobile Security Market
The global market for Mobile Security estimated at US$41.8 Billion in the year 2020, is projected to reach a revised size of US$241.6 Billion by 2027, growing at a CAGR of 28.5% over the analysis period 2020-2027.
The global mobile security market has been divided based on solution, deployment, operating system, and end-user.
On the basis of solution, the global mobile security market has been divided into multi-factor authentication, mobile application management, data encryption, mobile data protection, and a firewall.
On the basis of deployment, the global mobile security market has been segmented into cloud-based and on-premises.
On the basis of the operating system, the global mobile security market has been categorized into iOS, blackberry, android, windows, and others.
On the basis of end-user, the global mobile security market has been divided into individual users, government users, financial institutions users, retail users, telecom and IT users, education seekers, manufacturing and automotive, and many others.
The Mobile Security market in the U.S. is estimated at US$11.2 Billion in the year 2020. China, the world’s second largest economy, is forecast to reach a projected market size of US$60.7 Billion by the year 2027 trailing a CAGR of 35.1% over the analysis period 2020 to 2027. Among the other noteworthy geographic markets are Japan and Canada, each forecast to grow at 22.7% and 26% respectively over the 2020-2027 period. Within Europe, Germany is forecast to grow at approximately 24.4% CAGR.
In the global Mobile Data Protection segment, USA, Canada, Japan, China and Europe will drive the 27.1% CAGR estimated for this segment. These regional markets accounting for a combined market size of US$6.9 Billion in the year 2020 will reach a projected size of US$36.9 Billion by the close of the analysis period. China will remain among the fastest growing in this cluster of regional markets. Led by countries such as Australia, India, and South Korea, the market in Asia-Pacific is forecast to reach US$37.8 Billion by the year 2027, while Latin America will expand at a 28.9% CAGR through the analysis period.
Major Mobile Security Market Manufacturers include: Microsoft Corporation (New Mexico, United States), Google LLC (California, United States), IBM Corporation (New York, United States), Lookout, Inc. (California, United States), Apple, Inc. (California, United States), Kaspersky Lab (Moscow, Russia), Intel Corporation (California, United States), VMware, Inc. (California, United States), AVG Technologies (Prague, Czech Republic), Symantec Corporation (Arizona, United States), F Secure Corporation (Helsinki, Finland), Oracle Corporation (California, United States), NortonLifeLock, Inc. (Arizona, United States), Zimperium (Texas, United States), Giesecke+Devrient GmbH (Munich, Germany)
References and resources also include: