Mobile Device Security For Dummies by Rich Campagna

Author:Rich Campagna [Campagna, Rich]
Language: eng
Format: epub, mobi
Publisher: John Wiley & Sons, Ltd.
Published: 2011-07-14T05:00:00+00:00

Protecting the Device from Viruses

Because we’re talking all about compliance in this chapter, take a look at the various aspects of smartphones that are vulnerable to hackers, and what you can do to protect the devices and data on them:

Malicious apps: Certain apps can steal information from the device and relay it back to a hacker’s server. Information that can be stolen includes the contacts, calendar, messages, and other content stored on the device. Several apps prompt users to allow them to access their GPS location, for example. Allowing GPS access to an app provides crucial information about where the device and its owner are at any point in time, putting data at risk because the device could be physically stolen. It’s critical to monitor the behavior of apps and weed out the ones that are malicious.

Spam: Mobile devices are susceptible to receiving spam in several forms, including text messages, instant messages, and e-mail, and via online games. These are all ways in which spammers target smartphone owners. The spam messages are typically solicitations for products or services, often fraudulent.

Worms, viruses, and Trojans: Just like on Windows PCs, software viruses can affect smartphones and replicate by sending copies of themselves to all contacts found in the address book. Devices can receive such files via SMS, MMS, e-mail, Bluetooth, or any of the plethora of communication methods available for smartphones.

From a compliance perspective, here’s a list of items that you should consider enforcing on smartphones in your corporate network:

Comprehensive antivirus protection, with automatically updated virus signatures to protect against Trojans, worms, and other threats

Antispam protection, with the ability to automatically delete spam

Antimalware protection, to detect malicious apps that suspiciously track user information via GPS

Firewall protection, to set traffic filters that control the traffic flowing into as well as out of the device.

Not having such software is akin to letting your users connect to your corporate network from computers that have no security software (like antivirus or antispyware). You’d never let that happen, so why allow smartphones to be able to connect without similar protection?

As for personal versus corporate-assigned smartphones, you should enforce the virus protection on both types of devices, just like you would on both home computers and corporate laptops.

Applications like antivirus protection usually affect the battery life of a smartphone. Be sure to analyze the effects on battery life when you shop around for smartphone antivirus solutions.

Most antivirus software products work off virus signatures that are regularly updated by the vendor. Look for solutions where the virus signatures are automatically updated from the vendor to each smartphone. You can’t expect the smartphone user to manually update the virus signatures.

Table 6-5 summarizes the compliance policies to protect smartphones from viruses and other threats.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.