Mobile Cyber Security: Minimizing Loss and Maximizing Profit

According to the Symantec Internet Security Report, the known number of times that computer security is penetrated is 34,529… per day. One study estimates that the cost of such breaches to businesses has risen to an average of $174—per record compromised. That figure, multiplied by hundreds, thousands, or tens of thousands, if often high enough to put a company out of business. According to a recent article, in response to the advantages of cloud computing, coupled with consumer mobile shopping trends, 73% of companies plan to increase mobility spending within the next 12 months.

Cloud computing offers businesses a number of advantages that help them remain competitive. Consumers also benefit greatly from the ability of businesses to access their data and respond to inquiries from anywhere at any time. One of the best examples of this is the medical field. Doctors are able to securely share files with specialists and other healthcare professionals to arrive at the very best treatment plan possible for their patients.

However, mobile computing also increases the risk for security breaches. Some of them are the result of human error, such as the one that occurred when a doctor inadvertently left his laptop, containing hundreds of patient files, on a train. Others are deliberately caused by criminal activity, such as malware or viruses, which are often distributed in what are called “drive-by downloads”, which include freeware, or apps by third-party stores. One such virus is the FBI Anti-Piracy Warning virus, which is ransomware disguised as a directive from a legitimate law enforcement agency.

According to Gartner, security updates are one of the most important factors in maintaining mobile security. Some mobile device manufacturers have better records than others in ensuring that their users receive regular updates. The computer laboratory at Cambridge University published a report estimating that 87% of Android mobile devices are insecure. Experts predict that in the future, businesses will rely more on app reputation services and mobile threat prevention solutions.

“It used to be expensive to make things public and cheap to make them private. Now it’s expensive to make things private and cheap to make them public.”
– Clay Shirky, Internet scholar and professor at N.Y.U.

Another very realistic threat that’s emerging recently is mobile botnet. Pierre-Marc Bureau, Security Intelligence Program Manager from ESET explains what we’re dealing with here: The word botnet is made up of two words: bot and net. Bot is short for robot, a name we sometimes give to a device that is infected by malicious software. Net comes from network, a group of systems that are linked together. A botnet is a network of infected devices, where the network is used by the malware to spread.

One potential advance in security currently being developed as a response to the number of cyber attacks rising 100% between 2013 and 2014, is the creation of artificial intelligence (AI) platforms. Japanese firm NTT Communications and SoftBank are collaborating on the project and plan to begin offering protection from cyber-attacks as a monthly service to customers as soon as next year. The NTT service will be able to recognize patterns in viruses, which can also help identify their creators. According to the company, 99% of unauthorized access will be detectable.

Meanwhile, in addition to utilizing the services of security experts, there are some things you can do to increase your own mobile security. One of those things is reducing the amount of data you need to protect. Businesses and individuals alike should have policies on how long information should be stored. Any unused files containing personal information should be regularly purged. When purging data that is no longer necessary, there are also steps you should take to make sure the information is really gone. Even the best computers wear out and must be replaced and valuable data isn’t something any business wants to donate along with their old computers.

One way to address security breaches that are the result of human error is by creating remote disabling capabilities. If a mobile device is lost, stolen or otherwise compromised, its contents can be immediately rendered inaccessible, or even non-existent. All companies should have a policy in place designating who is authorized to disable a mobile device and under what circumstances.

Credit card transactions also present risks for breaches in security. Experts recommend implementing end-to-end encryption or tokenization (PDF) on all credit card transactions to reduce those risks. Finally, because not even the technology industry is completely exempt from data security breaches, it’s important that all vendor contracts address the issue of cyber security. In the digital age, increased security equals increased profits.

About the Author

Philip Piletic – Marketing and e-commerce specialist with several years of experience in the field. In his spare time he loves to write about the latest trends in technology, economy and finance and help people adapt to the fast evolving world of today’s online business.

Photo credit: Thomas Wolter