A smartphone can feel like a ticking time bomb to IT security pros. With the BYOD trend now well established in the workplace, and employees less vigilant about avoiding malicious links, the chances for trouble remain high.
But when your personal and professional lives intersect on your phone — the same one that often includes confidential corporate data and email — it’s inevitable that someone will stumble onto malware. Chris Crowley, an instructor at the SANS Institute, offers a rundown of the top mobile security threats today and what can be done to head then off.
1. Untrustworthy devices. A device itself may be faulty or maliciously configured within the supply chain, providing violation of CIA (confidentiality, integrity, availability), he said. One example: CheckPoint earlier this year found an infection of 36 Android devices at a large telecommunications company. In each case, the breach was not caused by the user, but by malware already on the phone when the employee took it out of the box.